urlscan.io logo urlscan.io
SecurityTrails logo

heaterprox.com Open in urlscan Pro
212.36.83.70  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://herdone.us/rd/c6043nynlF442904byPF2506Tao6044zRuS997
Effective URL: https://heaterprox.com/?widipub_id=5e7a66adef28642bc90fec33&wtrd_offer_id=5ffc4e5d1a2caa0db8279f34&wtrd_offer_pids=616d...
Submission: On October 12 via api from BE — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 29 IPs in 4 countries across 22 domains to perform 88 HTTP transactions. The main IP is 212.36.83.70, located in Cerdanyola del Vallès, Spain and belongs to AS_ADAM Adam Datacenter, ES. The main domain is heaterprox.com.
TLS certificate: Issued by R3 on August 24th 2022. Valid for: 3 months.
This is the only time heaterprox.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 212.83.58.221 47447 (TTM)
1 1 181.214.242.99 61317 (ASDETUK w...)
4 212.36.83.70 15699 (AS_ADAM A...)
2 2a04:4e42:400... 54113 (FASTLY)
2 2a02:6ea0:c40... 60068 (CDN77 ^_^)
1 2607:f8b0:400... 15169 (GOOGLE)
4 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
18 2a02:6ea0:c40... 60068 (CDN77 ^_^)
1 13.225.214.96 16509 (AMAZON-02)
1 151.139.242.29 33438 (STACKPATH)
2 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2600:9000:251... 16509 (AMAZON-02)
1 3 18.119.23.78 16509 (AMAZON-02)
8 2607:f8b0:400... 15169 (GOOGLE)
1 142.251.40.194 15169 (GOOGLE)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2600:141b:500... 20940 (AKAMAI-ASN1)
4 104.71.130.41 20940 (AKAMAI-ASN1)
3 2a03:2880:f08... 32934 (FACEBOOK)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
5 2607:f8b0:400... 15169 (GOOGLE)
1 13.35.93.30 16509 (AMAZON-02)
6 2600:9000:21d... 16509 (AMAZON-02)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
88 29
2    212.83.58.221 (Germany)

ASN47447 (TTM, DE)
PTR: srv30.afrogirldate.com
herdone.us
1    181.214.242.99 (United Arab Emirates)

ASN61317 (ASDETUK www.heficed.com, GB)
PTR: ohone.guyagents.com
www.makeingmes.com
4    212.36.83.70 (Cerdanyola del Vallès, Spain)

ASN15699 (AS_ADAM Adam Datacenter, ES)
heaterprox.com
2    2a04:4e42:400::729 (United States)

ASN54113 (FASTLY, US)
browser.sentry-cdn.com
2    2a02:6ea0:c400::11 (New York, United States)

ASN60068 (CDN77 ^_^, GB)
cdn.widitrade.com
1    2607:f8b0:4006:823::200a (Rockville, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
18    2a02:6ea0:c400::19 (New York, United States)

ASN60068 (CDN77 ^_^, GB)
assets.widitrade.com
1    13.225.214.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-96.ewr50.r.cloudfront.net
platform-api.sharethis.com
1    151.139.242.29 (United States)

ASN33438 (STACKPATH, US)
images.dmca.com
2    2607:f8b0:4006:809::2003 (Rockville, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
4    2607:f8b0:4006:81f::2008 (Rockville, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2607:f8b0:4006:80a::2003 (Rockville, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2600:9000:2511:bc00:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)
buttons-config.sharethis.com
3    18.119.23.78 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-119-23-78.us-east-2.compute.amazonaws.com
l.sharethis.com
8    2607:f8b0:4006:823::200e (Rockville, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    142.251.40.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f2.1e100.net
www.googleadservices.com
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
1    2600:141b:5000:58c::1931 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
s.pinimg.com
4    104.71.130.41 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-71-130-41.deploy.static.akamaitechnologies.com
analytics.tiktok.com
3    2a03:2880:f082:9:face:b00c:0:3 (Chicago, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2607:f8b0:4004:c1b::9d (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
5    2607:f8b0:4006:808::2004 (Rockville, United States)

ASN15169 (GOOGLE, US)
www.google.com
1    13.35.93.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-93-30.jfk50.r.cloudfront.net
count-server.sharethis.com
6    2600:9000:21da:a200:1d:85c3:6640:93a1 (United States)

ASN16509 (AMAZON-02, US)
platform-cdn.sharethis.com
3    2607:f8b0:4006:80f::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2607:f8b0:4004:c07::99 (Washington, United States)

ASN15169 (GOOGLE, US)
gtm-wxbzjqd-n2y1z.uc.r.appspot.com
Apex Domain
Subdomains		 Transfer
20 widitrade.com
cdn.widitrade.com — Cisco Umbrella Rank: 618303
assets.widitrade.com — Cisco Umbrella Rank: 423907
6 MB
12 sharethis.com
platform-api.sharethis.com — Cisco Umbrella Rank: 6377
buttons-config.sharethis.com — Cisco Umbrella Rank: 7588
l.sharethis.com — Cisco Umbrella Rank: 6253
count-server.sharethis.com — Cisco Umbrella Rank: 13549
platform-cdn.sharethis.com — Cisco Umbrella Rank: 13494
54 KB
8 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 94
21 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 19
800 B
5 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 171
googleads.g.doubleclick.net — Cisco Umbrella Rank: 68
5 KB
4 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 1028
96 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 129
300 KB
4 gstatic.com
www.gstatic.com
fonts.gstatic.com
114 KB
4 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 358
167 KB
4 heaterprox.com
heaterprox.com
17 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 203
131 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 665
12 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 115
235 B
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 492
47 KB
2 sentry-cdn.com
browser.sentry-cdn.com — Cisco Umbrella Rank: 4869
40 KB
2 herdone.us
herdone.us
578 B
1 appspot.com
gtm-wxbzjqd-n2y1z.uc.r.appspot.com — Cisco Umbrella Rank: 682068
737 B
1 pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 1008
1 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 154
15 KB
1 dmca.com
images.dmca.com — Cisco Umbrella Rank: 11479
6 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 118
1 KB
1 makeingmes.com
www.makeingmes.com
735 B
88 22
Domain Requested by
18 assets.widitrade.com heaterprox.com
8 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
heaterprox.com
6 platform-cdn.sharethis.com heaterprox.com
5 www.google.com heaterprox.com
4 analytics.tiktok.com herdone.us
analytics.tiktok.com
4 www.googletagmanager.com heaterprox.com
www.googletagmanager.com
4 cdnjs.cloudflare.com heaterprox.com
cdnjs.cloudflare.com
4 heaterprox.com herdone.us
heaterprox.com
www.gstatic.com
3 googleads.g.doubleclick.net www.googleadservices.com
3 connect.facebook.net herdone.us
connect.facebook.net
3 bat.bing.com www.googletagmanager.com
bat.bing.com
heaterprox.com
3 l.sharethis.com 1 redirects heaterprox.com
2 www.facebook.com heaterprox.com
2 stats.g.doubleclick.net www.google-analytics.com
2 fonts.gstatic.com fonts.googleapis.com
2 www.gstatic.com heaterprox.com
2 cdn.jsdelivr.net heaterprox.com
2 cdn.widitrade.com heaterprox.com
2 browser.sentry-cdn.com heaterprox.com
2 herdone.us 1 redirects
1 gtm-wxbzjqd-n2y1z.uc.r.appspot.com www.googletagmanager.com
1 count-server.sharethis.com platform-api.sharethis.com
1 s.pinimg.com www.googletagmanager.com
s.pinimg.com
1 www.googleadservices.com www.googletagmanager.com
1 buttons-config.sharethis.com platform-api.sharethis.com
1 images.dmca.com heaterprox.com
1 platform-api.sharethis.com heaterprox.com
1 fonts.googleapis.com heaterprox.com
1 www.makeingmes.com 1 redirects
88 29

This site contains links to these domains. Also see Links.

Domain
www.dmca.com
e-com7.com
Subject Issuer Validity Valid
heaterprox.com
R3		 2022-08-24 -
2022-11-22		 3 months crt.sh
*.sentry-cdn.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3		 2022-09-28 -
2023-10-30		 a year crt.sh
1253777694.rsc.cdn77.org
R3		 2022-09-26 -
2022-12-25		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh
1741345642.rsc.cdn77.org
R3		 2022-09-26 -
2022-12-25		 3 months crt.sh
sharethis.com
Amazon		 2022-06-19 -
2023-07-18		 a year crt.sh
images.dmca.com
Go Daddy Secure Certificate Authority - G2		 2022-03-11 -
2023-03-29		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2022-09-03 -
2023-03-03		 6 months crt.sh
*.pinterest.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-01 -
2023-08-08		 a year crt.sh
*.tiktok.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-13 -
2023-01-13		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-07-22 -
2022-10-20		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.appspot.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://heaterprox.com/?widipub_id=5e7a66adef28642bc90fec33&wtrd_offer_id=5ffc4e5d1a2caa0db8279f34&wtrd_offer_pids=616d4d479a270568a468ee63&wtrd_offer_lids=5ffc4e9408feac201a60b82a&widipub_custom1=da75cf75292f4e4aa13450a0a0246c60&widipub_custom2=4072
Frame ID: 68D38707EF2CD19908B56370A128D375
Requests: 85 HTTP requests in this frame

Frame: https://heaterprox.com/iframe-gtm2/
Frame ID: 622D6962D57C51D25EBB38F0D20AB22A
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Heater Pro X

Page URL History Show full URLs

  1. http://herdone.us/rd/c6043nynlF442904byPF2506Tao6044zRuS997 Page URL
  2. http://herdone.us/track/c6043nynlF442904byPF2506Tao6044zRuS997 HTTP 302
    https://www.makeingmes.com/7KT9385/XC7NRWB/?sub1=9&sub2=997-6043&sub3=442904-2506-6044 HTTP 302
    https://heaterprox.com/?widipub_id=5e7a66adef28642bc90fec33&wtrd_offer_id=5ffc4e5d1a2caa0db8279f34&... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <script[^>]*src="[^"]*browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js
  • browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • moment(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

88
Requests

97 %
HTTPS

69 %
IPv6

22
Domains

29
Subdomains

29
IPs

4
Countries

7025 kB
Transfer

9151 kB
Size

24
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://herdone.us/rd/c6043nynlF442904byPF2506Tao6044zRuS997 Page URL
  2. http://herdone.us/track/c6043nynlF442904byPF2506Tao6044zRuS997 HTTP 302
    https://www.makeingmes.com/7KT9385/XC7NRWB/?sub1=9&sub2=997-6043&sub3=442904-2506-6044 HTTP 302
    https://heaterprox.com/?widipub_id=5e7a66adef28642bc90fec33&wtrd_offer_id=5ffc4e5d1a2caa0db8279f34&wtrd_offer_pids=616d4d479a270568a468ee63&wtrd_offer_lids=5ffc4e9408feac201a60b82a&widipub_custom1=da75cf75292f4e4aa13450a0a0246c60&widipub_custom2=4072 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40
  • https://l.sharethis.com/pview?event=pview&hostname=heaterprox.com&location=%2F&product=inline-share-buttons&url=https%3A%2F%2Fheaterprox.com%2F%3Fwidipub_id%3D5e7a66adef28642bc90fec33%26wtrd_offer_id%3D5ffc4e5d1a2caa0db8279f34%26wtrd_offer_pids%3D616d4d479a270568a468ee63%26wtrd_offer_lids%3D5ffc4e9408feac201a60b82a%26widipub_custom1%3Dda75cf75292f4e4aa13450a0a0246c60%26widipub_custom2%3D4072&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Heater%20Pro%20X&refDomain=herdone.us&cms=unknown&publisher=5c62beeb7056550011c49dca&sop=true&version=st_sop.js&lang=en&description=The%20portable%20heater%20that%27s%20killing%20it%20in%20sales. HTTP 301
  • https://l.sharethis.com/sc?event=pview&hostname=heaterprox.com&location=%2F&product=inline-share-buttons&url=https%3A%2F%2Fheaterprox.com%2F%3Fwidipub_id%3D5e7a66adef28642bc90fec33%26wtrd_offer_id%3D5ffc4e5d1a2caa0db8279f34%26wtrd_offer_pids%3D616d4d479a270568a468ee63%26wtrd_offer_lids%3D5ffc4e9408feac201a60b82a%26widipub_custom1%3Dda75cf75292f4e4aa13450a0a0246c60%26widipub_custom2%3D4072&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Heater%20Pro%20X&refDomain=herdone.us&cms=unknown&publisher=5c62beeb7056550011c49dca&sop=true&version=st_sop.js&lang=en&description=The%20portable%20heater%20that%27s%20killing%20it%20in%20sales.&samesite=None

88 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
c6043nynlF442904byPF2506Tao6044zRuS997
herdone.us/rd/ 		243 B
360 B 		Document
General
Check archive.org
Download Go to
Full URL
http://herdone.us/rd/c6043nynlF442904byPF2506Tao6044zRuS997
Protocol
HTTP/1.1
Server
212.83.58.221 , Germany, ASN47447 (TTM, DE),
Reverse DNS
srv30.afrogirldate.com
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Content-Length
243
Content-Type
text/html; charset=utf-8
Date
Wed, 12 Oct 2022 17:29:25 GMT
Primary Request /
heaterprox.com/
Redirect Chain
  • http://herdone.us/track/c6043nynlF442904byPF2506Tao6044zRuS997
  • https://www.makeingmes.com/7KT9385/XC7NRWB/?sub1=9&sub2=997-6043&sub3=442904-2506-6044
  • https://heaterprox.com/?widipub_id=5e7a66adef28642bc90fec33&wtrd_offer_id=5ffc4e5d1a2caa0db8279f34&wtrd_offer_pids=616d4d479a270568a468ee63&wtrd_offer_lids=5ffc4e9408feac201a60b82a&widipub_custom1=...
55 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://heaterprox.com/?widipub_id=5e7a66adef28642bc90fec33&wtrd_offer_id=5ffc4e5d1a2caa0db8279f34&wtrd_offer_pids=616d4d479a270568a468ee63&wtrd_offer_lids=5ffc4e9408feac201a60b82a&widipub_custom1=da75cf75292f4e4aa13450a0a0246c60&widipub_custom2=4072
Requested by
Host: herdone.us
URL: http://herdone.us/rd/c6043nynlF442904byPF2506Tao6044zRuS997
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.36.83.70 Cerdanyola del Vallès, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS
Software
nginx /
Resource Hash
361830d0d799a7398230eb99a73a546c5695d4a2171b9806de91637aec0a0287
Security Headers
Name Value
Content-Security-Policy frame-ancestors *
Strict-Transport-Security max-age=15768000

Request headers

Referer
http://herdone.us/rd/c6043nynlF442904byPF2506Tao6044zRuS997
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, must-revalidate, private
content-encoding
gzip
content-security-policy
frame-ancestors *
content-type
text/html; charset=UTF-8
date
Wed, 12 Oct 2022 17:29:27 GMT
expires
Wed, 12 Oct 2022 17:29:27 GMT
server
nginx
strict-transport-security
max-age=15768000

Redirect headers

Content-Length
293
Content-Type
text/html; charset=utf-8
Date
Wed, 12 Oct 2022 17:29:26 GMT
Location
https://heaterprox.com/?widipub_id=5e7a66adef28642bc90fec33&wtrd_offer_id=5ffc4e5d1a2caa0db8279f34&wtrd_offer_pids=616d4d479a270568a468ee63&wtrd_offer_lids=5ffc4e9408feac201a60b82a&widipub_custom1=da75cf75292f4e4aa13450a0a0246c60&widipub_custom2=4072
Server
nginx
Vary
Origin
X-Eflow-Request-Id
9cbc0e56-1256-4d9b-bd38-5ab849d56378
bundle.min.js
browser.sentry-cdn.com/6.17.4/ 		63 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://browser.sentry-cdn.com/6.17.4/bundle.min.js
Requested by
Host: heaterprox.com
URL: https://heaterprox.com/?widipub_id=5e7a66adef28642bc90fec33&wtrd_offer_id=5ffc4e5d1a2caa0db8279f34&wtrd_offer_pids=616d4d479a270568a468ee63&wtrd_offer_lids=5ffc4e9408feac201a60b82a&widipub_custom1=da75cf75292f4e4aa13450a0a0246c60&widipub_custom2=4072
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
d4538b500dbad64b4c530857d7faf7d63bf921bcab573e94160c459ce859c90d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://heaterprox.com/
Origin
https://heaterprox.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 17:29:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 02 Feb 2022 15:42:58 GMT
server
Fastly
age
132615
etag
"456782718f10c0d95baf1a859662a1e9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
20491
expires
Wed, 11 Oct 2023 04:39:12 GMT
router.js
cdn.widitrade.com/bundles/fosjsrouting/js/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.widitrade.com/bundles/fosjsrouting/js/router.js
Requested by
Host: heaterprox.com
URL: https://heaterprox.com/?widipub_id=5e7a66adef28642bc90fec33&wtrd_offer_id=5ffc4e5d1a2caa0db8279f34&wtrd_offer_pids=616d4d479a270568a468ee63&wtrd_offer_lids=5ffc4e9408feac201a60b82a&widipub_custom1=da75cf75292f4e4aa13450a0a0246c60&widipub_custom2=4072
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
cee7b3016ac52c0d37b08300c6e9b9b63535f9b77567b036bc7975236a8cd4f3
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-77-nzt
AZySJBYdAV7/5l4MAA
x-accel-expires
@1665821841
date
Wed, 12 Oct 2022 17:29:27 GMT
strict-transport-security
max-age=15768000
content-encoding
br
last-modified
Tue, 20 Sep 2022 10:54:28 GMT
server
CDN77-Turbo
x-77-pop
newyorkUSNY
etag
W/"63299be4-3c74"
x-77-nzt-ray
/ZoAbzTrNDY
x-cache
HIT
content-type
application/javascript
x-77-cache
HIT
x-age
810726
routes-4bfe0386.js
cdn.widitrade.com/assets/js/routes/ 		9 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.widitrade.com/assets/js/routes/routes-4bfe0386.js
Requested by
Host: heaterprox.com
URL: https://heaterprox.com/?widipub_id=5e7a66adef28642bc90fec33&wtrd_offer_id=5ffc4e5d1a2caa0db8279f34&wtrd_offer_pids=616d4d479a270568a468ee63&wtrd_offer_lids=5ffc4e9408feac201a60b82a&widipub_custom1=da75cf75292f4e4aa13450a0a0246c60&widipub_custom2=4072
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
a5c61876c08ab6ffd4be394853d72e3d8a785fe5cb6f26a60f3a1fccc2c1d9ed
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-77-nzt
AZySJBbsnuP/kPEHAA
x-accel-expires
@1666111975
date
Wed, 12 Oct 2022 17:29:27 GMT
strict-transport-security
max-age=15768000
content-encoding
br
last-modified
Thu, 06 Oct 2022 16:47:23 GMT
server
CDN77-Turbo
x-77-pop
newyorkUSNY
etag
W/"633f069b-24a2"
x-77-nzt-ray
BNUMh9zVvjA
x-cache
HIT
content-type
application/javascript
x-77-cache
HIT
x-age
520592
css2
fonts.googleapis.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap
Requested by
Host: heaterprox.com
URL: https://heaterprox.com/?widipub_id=5e7a66adef28642bc90fec33&wtrd_offer_id=5ffc4e5d1a2caa0db8279f34&wtrd_offer_pids=616d4d479a270568a468ee63&wtrd_offer_lids=5ffc4e9408feac201a60b82a&widipub_custom1=da75cf75292f4e4aa13450a0a0246c60&widipub_custom2=4072
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d53b8656b8f584f2303e2ca2e8be93d17c0245e7d62c419c79f701c4219b30cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 12 Oct 2022 17:29:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 12 Oct 2022 15:58:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 12 Oct 2022 17:29:27 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/ 		58 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css
Requested by
Host: heaterprox.com
URL: https://heaterprox.com/?widipub_id=5e7a66adef28642bc90fec33&wtrd_offer_id=5ffc4e5d1a2caa0db8279f34&wtrd_offer_pids=616d4d479a270568a468ee63&wtrd_offer_lids=5ffc4e9408feac201a60b82a&widipub_custom1=da75cf75292f4e4aa13450a0a0246c60&widipub_custom2=4072
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://heaterprox.com/
Origin
https://heaterprox.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 17:29:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
465391
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10480
last-modified
Tue, 16 Mar 2021 19:29:58 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"60510736-e7d0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YL2Szu8RDlszS%2B1pw0JLKu8OaiCzTt8b4Cw1Y8Ck1%2F4GdiC8Staau%2FS4P4JX4Bn8%2FzAwCt6w70TkRAZNwetCYyRFe06lFP9c4QHswhjpUaJ7rCiuIg4BlbyY11pmJkfm2vo5qMXP%2Fn3l8TzqEH6OxcVJ"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
75918ecb0ba828f5-ORD
expires
Mon, 02 Oct 2023 17:29:27 GMT
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.0-beta3/dist/css/ 		151 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.0.0-beta3/dist/css/bootstrap.min.css
Requested by
Host: heaterprox.com
URL: https://heaterprox.com/?widipub_id=5e7a66adef28642bc90fec33&wtrd_offer_id=5ffc4e5d1a2caa0db8279f34&wtrd_offer_pids=616d4d479a270568a468ee63&wtrd_offer_lids=5ffc4e9408feac201a60b82a&widipub_custom1=da75cf75292f4e4aa13450a0a0246c60&widipub_custom2=4072
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d4f6240127cf5d1cfda2caeb0283efb4c9c879e43031f102fa3fc09853ae1b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://heaterprox.com/
Origin
https://heaterprox.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 17:29:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3501924
x-jsd-version
5.0.0-beta3
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19161-FRA, cache-itm18824-ITM
x-jsd-version-type
version
server
cloudflare
etag
W/"25cfb-UcVSpq1X1XvRNJScPVMSiB9RqJM"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XOx9hktdQD5dba%2Fwirs%2F1u1UXEbfl%2Fxa5hpZ0gC36yMGy9n9MctRbduB%2FTm0jeIeQ9KYw%2BtJ%2FGRzqqhCO5AbTsu4CQSkdK0Vs4pwk70foL%2BjYNx%2FQB8Yc1Lh2MoXHooa1vroI2iDALNCLawO9xM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
75918ecaff71e1ff-ORD
app.css
assets.widitrade.com/assets/templates/60897302b4d5282d8234dc22/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.widitrade.com/assets/templates/60897302b4d5282d8234dc22/app.css
Requested by
Host: heaterprox.com
URL: https://heaterprox.com/?widipub_id=5e7a66adef28642bc90fec33&wtrd_offer_id=5ffc4e5d1a2caa0db8279f34&wtrd_offer_pids=616d4d479a270568a468ee63&wtrd_offer_lids=5ffc4e9408feac201a60b82a&widipub_custom1=da75cf75292f4e4aa13450a0a0246c60&widipub_custom2=4072
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::19 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
d9ce4c460b1727b89788af09b57b8b4784dfd3bf12106616b9de4f4ba71f86c8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-77-nzt
AZySO/eLhxX/4esAAA
x-accel-expires
@1665621782
date
Wed, 12 Oct 2022 17:29:27 GMT
x-77-pop
newyorkUSNY
content-encoding
br
last-modified
Wed, 28 Apr 2021 16:13:06 GMT
server
CDN77-Turbo
etag
W/"60898992-130e"
x-77-nzt-ray
b+OOI339HRo
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
x-77-cache
HIT
x-age
60385
prefooter.css
assets.widitrade.com/assets/templates/60897302b4d5282d8234dc22/ 		581 B
502 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.widitrade.com/assets/templates/60897302b4d5282d8234dc22/prefooter.css
Requested by
Host: heaterprox.com
URL: https://heaterprox.com/?widipub_id=5e7a66adef28642bc90fec33&wtrd_offer_id=5ffc4e5d1a2caa0db8279f34&wtrd_offer_pids=616d4d479a270568a468ee63&wtrd_offer_lids=5ffc4e9408feac201a60b82a&widipub_custom1=da75cf75292f4e4aa13450a0a0246c60&widipub_custom2=4072
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::19 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
41d23e53f0a30ac4a2e2505c783664f7c216866e26bff7f5494f0a2a0714cecf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-77-nzt
AZySO/eHeYH/4esAAA
x-accel-expires
@1665621782
date
Wed, 12 Oct 2022 17:29:27 GMT
x-77-pop
newyorkUSNY
content-encoding
br
last-modified
Wed, 28 Apr 2021 15:29:30 GMT
server
CDN77-Turbo
etag
W/"60897f5a-245"
x-77-nzt-ray
pW6sFCa5YHc
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
x-77-cache
HIT
x-age
60385
sitelogopositive.png
assets.widitrade.com/assets/products/5ffc43a1c80c2e2c400de052/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.widitrade.com/assets/products/5ffc43a1c80c2e2c400de052/sitelogopositive.png
Requested by
Host: heaterprox.com
URL: https://heaterprox.com/?widipub_id=5e7a66adef28642bc90fec33&wtrd_offer_id=5ffc4e5d1a2caa0db8279f34&wtrd_offer_pids=616d4d479a270568a468ee63&wtrd_offer_lids=5ffc4e9408feac201a60b82a&widipub_custom1=da75cf75292f4e4aa13450a0a0246c60&widipub_custom2=4072
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::19 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
1066274fa5181ca6b56282204d3533f6f19f22ea5295c47451449920e9f578eb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-77-nzt
AZySO/dx0/D/XOYAAA
x-accel-expires
@1665623195
date
Wed, 12 Oct 2022 17:29:27 GMT
x-77-pop
newyorkUSNY
last-modified
Mon, 11 Jan 2021 12:25:13 GMT
server
CDN77-Turbo
etag
"5ffc43a9-17d7"
x-77-nzt-ray
PPME+LSBzkY
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
x-77-cache
HIT
x-age
58972
accept-ranges
bytes
content-length
6103
sharethis.js
platform-api.sharethis.com/js/ 		192 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform-api.sharethis.com/js/sharethis.js
Requested by
Host: heaterprox.com
URL: https://heaterprox.com/?widipub_id=5e7a66adef28642bc90fec33&wtrd_offer_id=5ffc4e5d1a2caa0db8279f34&wtrd_offer_pids=616d4d479a270568a468ee63&wtrd_offer_lids=5ffc4e9408feac201a60b82a&widipub_custom1=da75cf75292f4e4aa13450a0a0246c60&widipub_custom2=4072
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-96.ewr50.r.cloudfront.net
Software
/
Resource Hash
700ad5e597681fb45dfc74f05206ad9c2229a6c710c45b413842ddfe03ce4d50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 17:28:49 GMT
content-encoding
gzip
via
1.1 11ab138d0b995a9fa4daabbae7fc0b0c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
EWR50-C1
age
38
etag
W/"3011a-1tH8M8TNdKB39qADlCdHeiBv0FM"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
edge-control
cache-maxage=60m,downstream-ttl=60m
cache-control
max-age=600, public
x-cache
Hit from cloudfront
x-amz-cf-id
rn_WCmObY8MdCZ4i-eFV9aMipf5Kq7ZHdgc75ziLDVI51GiAihDnrA==
advbanner10.jpg
assets.widitrade.com/assets/products/5ffc43a1c80c2e2c400de052/ 		454 KB
454 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.widitrade.com/assets/products/5ffc43a1c80c2e2c400de052/advbanner10.jpg
Requested by
Host: heaterprox.com
URL: https://heaterprox.com/?widipub_id=5e7a66adef28642bc90fec33&wtrd_offer_id=5ffc4e5d1a2caa0db8279f34&wtrd_offer_pids=616d4d479a270568a468ee63&wtrd_offer_lids=5ffc4e9408feac201a60b82a&widipub_custom1=da75cf75292f4e4aa13450a0a0246c60&widipub_custom2=4072
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::19 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
33966c6e2f64a299020f0de1a75b93e7888322dfb5033859e8ea788574a58b10

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-77-nzt
AZySO/cUcLn/rcEAAA
x-accel-expires
@1665632586
date
Wed, 12 Oct 2022 17:29:27 GMT
x-77-pop
newyorkUSNY
last-modified
Wed, 31 Aug 2022 09:37:28 GMT
server
CDN77-Turbo
etag
"630f2bd8-71686"
x-77-nzt-ray
jluuRSB3Mq0
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
x-77-cache
HIT
x-age
49581
accept-ranges
bytes
content-length
464518
advbanner11.jpg
assets.widitrade.com/assets/products/5ffc43a1c80c2e2c400de052/ 		4 MB
4 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.widitrade.com/assets/products/5ffc43a1c80c2e2c400de052/advbanner11.jpg
Requested by
Host: heaterprox.com
URL: https://heaterprox.com/?widipub_id=5e7a66adef28642bc90fec33&wtrd_offer_id=5ffc4e5d1a2caa0db8279f34&wtrd_offer_pids=616d4d479a270568a468ee63&wtrd_offer_lids=5ffc4e9408feac201a60b82a&widipub_custom1=da75cf75292f4e4aa13450a0a0246c60&widipub_custom2=4072
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::19 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
adcd526d84bceaeb71d4cd8b8d9d23be8bfdbb1ee2d79b3502a179b5f79f9fdc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-77-nzt
AZySO/cLXtH/sBMBAA
x-accel-expires
@1665611591
date
Wed, 12 Oct 2022 17:29:27 GMT
x-77-pop
newyorkUSNY
last-modified
Wed, 03 Nov 2021 13:55:56 GMT
server
CDN77-Turbo
etag
"618294ec-466f2a"
x-77-nzt-ray
2WgWPNMqpjM
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
x-77-cache
HIT
x-age
70576
accept-ranges
bytes
content-length
4615978
advbanner12.jpg
assets.widitrade.com/assets/products/5ffc43a1c80c2e2c400de052/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.widitrade.com/assets/products/5ffc43a1c80c2e2c400de052/advbanner12.jpg
Requested by
Host: heaterprox.com
URL: https://heaterprox.com/?widipub_id=5e7a66adef28642bc90fec33&wtrd_offer_id=5ffc4e5d1a2caa0db8279f34&wtrd_offer_pids=616d4d479a270568a468ee63&wtrd_offer_lids=5ffc4e9408feac201a60b82a&widipub_custom1=da75cf75292f4e4aa13450a0a0246c60&widipub_custom2=4072
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::19 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
c48dc1920b459cb954ac7e429253b7296ff32810152b4ef33de043a16ad12656

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-77-nzt
AZySO/fJEzr/6a8AAA
x-accel-expires
@1665637134
date
Wed, 12 Oct 2022 17:29:27 GMT
x-77-pop
newyorkUSNY
last-modified
Mon, 18 Oct 2021 10:21:16 GMT
server
CDN77-Turbo
etag
"616d4a9c-98aa"
x-77-nzt-ray
dfIDusnlUD8
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
x-77-cache
HIT
x-age
45033
accept-ranges
bytes
content-length
39082
advbanner13.jpg
assets.widitrade.com/assets/products/5ffc43a1c80c2e2c400de052/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.widitrade.com/assets/products/5ffc43a1c80c2e2c400de052/advbanner13.jpg
Requested by
Host: heaterprox.com
URL: https://heaterprox.com/?widipub_id=5e7a66adef28642bc90fec33&wtrd_offer_id=5ffc4e5d1a2caa0db8279f34&wtrd_offer_pids=616d4d479a270568a468ee63&wtrd_offer_lids=5ffc4e9408feac201a60b82a&widipub_custom1=da75cf75292f4e4aa13450a0a0246c60&widipub_custom2=4072
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::19 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
ecd092608e3488149bb3b673dffb6fd4a663869aedd4176f6e8f8ca0f27654a5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-77-nzt
AZySO/c5SKH/6a8AAA
x-accel-expires
@1665637134
date
Wed, 12 Oct 2022 17:29:27 GMT
x-77-pop
newyorkUSNY
last-modified
Mon, 18 Oct 2021 10:21:19 GMT
server
CDN77-Turbo
etag
"616d4a9f-c3a4"
x-77-nzt-ray
dhXhc7j9vTA
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
x-77-cache
HIT
x-age
45033
accept-ranges
bytes
content-length
50084
advbanner14.jpg
assets.widitrade.com/assets/products/5ffc43a1c80c2e2c400de052/ 		113 KB
114 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.widitrade.com/assets/products/5ffc43a1c80c2e2c400de052/advbanner14.jpg
Requested by
Host: heaterprox.com
URL: https://heaterprox.com/?widipub_id=5e7a66adef28642bc90fec33&wtrd_offer_id=5ffc4e5d1a2caa0db8279f34&wtrd_offer_pids=616d4d479a270568a468ee63&wtrd_offer_lids=5ffc4e9408feac201a60b82a&widipub_custom1=da75cf75292f4e4aa13450a0a0246c60&widipub_custom2=4072
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::19 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
6182b4514b7d63eb2905a5609de8872c4786f490e631fa95fbfed4afeaa8bea7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-77-nzt
AZySO/f9nZX/6a8AAA
x-accel-expires
@1665637134
date
Wed, 12 Oct 2022 17:29:27 GMT
x-77-pop
newyorkUSNY
last-modified
Mon, 18 Oct 2021 10:20:43 GMT
server
CDN77-Turbo
etag
"616d4a7b-1c51d"
x-77-nzt-ray
o05V4slkfkk
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
x-77-cache
HIT
x-age
45033
accept-ranges
bytes
content-length
115997
advbanner15.jpg
assets.widitrade.com/assets/products/5ffc43a1c80c2e2c400de052/ 		232 KB
232 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.widitrade.com/assets/products/5ffc43a1c80c2e2c400de052/advbanner15.jpg
Requested by
Host: heaterprox.com
URL: https://heaterprox.com/?widipub_id=5e7a66adef28642bc90fec33&wtrd_offer_id=5ffc4e5d1a2caa0db8279f34&wtrd_offer_pids=616d4d479a270568a468ee63&wtrd_offer_lids=5ffc4e9408feac201a60b82a&widipub_custom1=da75cf75292f4e4aa13450a0a0246c60&widipub_custom2=4072
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::19 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
355f7006c51bf15489ca30f52234afbd82c4552827f00979513d2bbc6e744feb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-77-nzt
AZySO/fwqrz/6K8AAA
x-accel-expires
@1665637135
date
Wed, 12 Oct 2022 17:29:27 GMT
x-77-pop
newyorkUSNY
last-modified
Mon, 18 Oct 2021 10:20:47 GMT
server
CDN77-Turbo
etag
"616d4a7f-39e64"
x-77-nzt-ray
hYge6lh70x8
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
x-77-cache
HIT
x-age
45032
accept-ranges
bytes
content-length
237156
advbanner16.jpg
assets.widitrade.com/assets/products/5ffc43a1c80c2e2c400de052/ 		234 KB
235 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.widitrade.com/assets/products/5ffc43a1c80c2e2c400de052/advbanner16.jpg
Requested by
Host: heaterprox.com
URL: https://heaterprox.com/?widipub_id=5e7a66adef28642bc90fec33&wtrd_offer_id=5ffc4e5d1a2caa0db8279f34&wtrd_offer_pids=616d4d479a270568a468ee63&wtrd_offer_lids=5ffc4e9408feac201a60b82a&widipub_custom1=da75cf75292f4e4aa13450a0a0246c60&widipub_custom2=4072
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::19 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
b59b09edd989056c7c1a33b5d48662f050c4bb0f1409fc51d2015f49f0f7138e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-77-nzt
AZySO/efgqv/6K8AAA
x-accel-expires
@1665637135
date
Wed, 12 Oct 2022 17:29:27 GMT
x-77-pop
newyorkUSNY
last-modified
Tue, 26 Oct 2021 08:37:05 GMT
server
CDN77-Turbo
etag
"6177be31-3a854"
x-77-nzt-ray
T4z2Kw+Ca7E
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
x-77-cache
HIT
x-age
45032
accept-ranges
bytes
content-length
239700
advbanner17.jpg
assets.widitrade.com/assets/products/5ffc43a1c80c2e2c400de052/ 		78 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.widitrade.com/assets/products/5ffc43a1c80c2e2c400de052/advbanner17.jpg
Requested by
Host: heaterprox.com
URL: https://heaterprox.com/?widipub_id=5e7a66adef28642bc90fec33&wtrd_offer_id=5ffc4e5d1a2caa0db8279f34&wtrd_offer_pids=616d4d479a270568a468ee63&wtrd_offer_lids=5ffc4e9408feac201a60b82a&widipub_custom1=da75cf75292f4e4aa13450a0a0246c60&widipub_custom2=4072
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::19 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
6c13dfd1c15bbf8266b6343cfdaa21c7a72fcdaab7cd0c9e2b5218b577381d2c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-77-nzt
AZySO/cYbBDvCAEAAA
x-accel-expires
@1665681903
date
Wed, 12 Oct 2022 17:29:27 GMT
x-77-pop
newyorkUSNY
last-modified
Mon, 18 Oct 2021 10:20:54 GMT
server
CDN77-Turbo
etag
"616d4a86-139ba"
x-77-nzt-ray
lHAii7UC7Yo
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
x-77-cache
HIT
x-age
264
accept-ranges
bytes
content-length
80314
advbanner18.jpg
assets.widitrade.com/assets/products/5ffc43a1c80c2e2c400de052/ 		180 KB
180 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.widitrade.com/assets/products/5ffc43a1c80c2e2c400de052/advbanner18.jpg
Requested by
Host: heaterprox.com
URL: https://heaterprox.com/?widipub_id=5e7a66adef28642bc90fec33&wtrd_offer_id=5ffc4e5d1a2caa0db8279f34&wtrd_offer_pids=616d4d479a270568a468ee63&wtrd_offer_lids=5ffc4e9408feac201a60b82a&widipub_custom1=da75cf75292f4e4aa13450a0a0246c60&widipub_custom2=4072
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::19 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
bc72002d3635a8ae6da4c00d513e697b56dffdf54dd6ab6bdae6d356e2d06b12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-77-nzt
AZySO/emPbP/6K8AAA
x-accel-expires
@1665637135
date
Wed, 12 Oct 2022 17:29:27 GMT
x-77-pop
newyorkUSNY
last-modified
Tue, 26 Oct 2021 08:37:52 GMT
server
CDN77-Turbo
etag
"6177be60-2ce58"
x-77-nzt-ray
P0La2WRnbsY
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
x-77-cache
HIT
x-age
45032
accept-ranges
bytes
content-length
183896
advbanner19.jpg
assets.widitrade.com/assets/products/5ffc43a1c80c2e2c400de052/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.widitrade.com/assets/products/5ffc43a1c80c2e2c400de052/advbanner19.jpg
Requested by
Host: heaterprox.com
URL: https://heaterprox.com/?widipub_id=5e7a66adef28642bc90fec33&wtrd_offer_id=5ffc4e5d1a2caa0db8279f34&wtrd_offer_pids=616d4d479a270568a468ee63&wtrd_offer_lids=5ffc4e9408feac201a60b82a&widipub_custom1=da75cf75292f4e4aa13450a0a0246c60&widipub_custom2=4072
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::19 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
5a2ed3b523a52549882a45c7d34da1c899b7d27214b9736c595669623c924ea8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-77-nzt
AZySO/d5LyH/6K8AAA
x-accel-expires
@1665637135
date
Wed, 12 Oct 2022 17:29:27 GMT
x-77-pop
newyorkUSNY
last-modified
Mon, 18 Oct 2021 10:41:39 GMT
server
CDN77-Turbo
etag
"616d4f63-aea9"
x-77-nzt-ray
MkKhBx66IYY
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
x-77-cache
HIT
x-age
45032
accept-ranges
bytes
content-length
44713
advproduct10.jpg
assets.widitrade.com/assets/products/5ffc43a1c80c2e2c400de052/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.widitrade.com/assets/products/5ffc43a1c80c2e2c400de052/advproduct10.jpg
Requested by
Host: heaterprox.com
URL: https://heaterprox.com/?widipub_id=5e7a66adef28642bc90fec33&wtrd_offer_id=5ffc4e5d1a2caa0db8279f34&wtrd_offer_pids=616d4d479a270568a468ee63&wtrd_offer_lids=5ffc4e9408feac201a60b82a&widipub_custom1=da75cf75292f4e4aa13450a0a0246c60&widipub_custom2=4072
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::19 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
eefa75d79fbf8aa67fc0abbb851865492400c9f7846bc6d39a8b719e350f2aa0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-77-nzt
AZySO/fmWib/rcEAAA
x-accel-expires
@1665632586
date
Wed, 12 Oct 2022 17:29:27 GMT
x-77-pop
newyorkUSNY
last-modified
Mon, 18 Oct 2021 10:21:05 GMT
server
CDN77-Turbo
etag
"616d4a91-37cc"
x-77-nzt-ray
gqzZIRVDVYM
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
x-77-cache
HIT
x-age
49581
accept-ranges
bytes
content-length
14284
dmca-badge-w200-5x1-11.png
images.dmca.com/Badges/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.dmca.com/Badges/dmca-badge-w200-5x1-11.png?ID=4101905d-7905-4245-a2bd-441eab099281
Requested by
Host: heaterprox.com
URL: https://heaterprox.com/?widipub_id=5e7a66adef28642bc90fec33&wtrd_offer_id=5ffc4e5d1a2caa0db8279f34&wtrd_offer_pids=616d4d479a270568a468ee63&wtrd_offer_lids=5ffc4e9408feac201a60b82a&widipub_custom1=da75cf75292f4e4aa13450a0a0246c60&widipub_custom2=4072
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.242.29 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software
nginx / ASP.NET
Resource Hash
08f0be3149fb34d24c91045b25de9d1e40844b9d69ad195e4b2b586c5c8e173a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 17:29:27 GMT
last-modified
Mon, 25 Jul 2016 19:39:16 GMT
server
nginx
etag
"9ff923aace6d11:0"
x-powered-by
ASP.NET
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
link
<http://dmca-images.azurewebsites.net/Badges/dmca-badge-w200-5x1-11.png>; rel="canonical"
content-length
5392
expires
Fri, 11 Nov 2022 17:29:27 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ 		85 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: heaterprox.com
URL: https://heaterprox.com/?widipub_id=5e7a66adef28642bc90fec33&wtrd_offer_id=5ffc4e5d1a2caa0db8279f34&wtrd_offer_pids=616d4d479a270568a468ee63&wtrd_offer_lids=5ffc4e9408feac201a60b82a&widipub_custom1=da75cf75292f4e4aa13450a0a0246c60&widipub_custom2=4072
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 17:29:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1708152
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27433
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-1538f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KXMQEJ8jOFnpZAqCFLgH7o29Xn4cljYYZB5K5%2FaOjMJHokKYvRqD2o8BK8SxlJ06OcztTSeIpjJbSxk2ffE5OvWy%2Bfu0Y6T1Xu4mtlcuYBE1GeYo5Kyekrnjk42qXYYZejXR6aQurYqCq7KAE97UW%2BJW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
75918ecbfabfe22b-ORD
expires
Mon, 02 Oct 2023 17:29:27 GMT
firebase-app.js
www.gstatic.com/firebasejs/5.5.3/ 		34 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/5.5.3/firebase-app.js
Requested by
Host: heaterprox.com
URL: https://heaterprox.com/?widipub_id=5e7a66adef28642bc90fec33&wtrd_offer_id=5ffc4e5d1a2caa0db8279f34&wtrd_offer_pids=616d4d479a270568a468ee63&wtrd_offer_lids=5ffc4e9408feac201a60b82a&widipub_custom1=da75cf75292f4e4aa13450a0a0246c60&widipub_custom2=4072
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81dff483fdac22b45e404c729c8cf593a995840478f4101cd8e97e09b47ae96e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 10:52:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
110232
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12419
x-xss-protection
0
last-modified
Thu, 04 Oct 2018 21:56:42 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Oct 2023 10:52:15 GMT
firebase-messaging.js
www.gstatic.com/firebasejs/5.5.3/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/5.5.3/firebase-messaging.js
Requested by
Host: heaterprox.com
URL: https://heaterprox.com/?widipub_id=5e7a66adef28642bc90fec33&wtrd_offer_id=5ffc4e5d1a2caa0db8279f34&wtrd_offer_pids=616d4d479a270568a468ee63&wtrd_offer_lids=5ffc4e9408feac201a60b82a&widipub_custom1=da75cf75292f4e4aa13450a0a0246c60&widipub_custom2=4072
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e87c14a38296bdf92c4f9a1cd41ad9077a3cbe2d33d51eb4fb54f4706c9ebe2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Thu, 06 Oct 2022 18:44:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
513906
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10045
x-xss-protection
0
last-modified
Thu, 04 Oct 2018 21:56:42 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 06 Oct 2023 18:44:21 GMT
moment-with-locales.min.js
cdnjs.cloudflare.com/ajax/libs/moment.js/2.20.1/ 		306 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.20.1/moment-with-locales.min.js
Requested by
Host: heaterprox.com
URL: https://heaterprox.com/?widipub_id=5e7a66adef28642bc90fec33&wtrd_offer_id=5ffc4e5d1a2caa0db8279f34&wtrd_offer_pids=616d4d479a270568a468ee63&wtrd_offer_lids=5ffc4e9408feac201a60b82a&widipub_custom1=da75cf75292f4e4aa13450a0a0246c60&widipub_custom2=4072
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d6ac652a4a210d983f1b2fe05578b97b8827e1b3ea643f222aad941c4b64def
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 17:29:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1981782
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
52012
last-modified
Mon, 04 May 2020 16:13:26 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f26-4c8c5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oJt7nDIwzo%2FOjpeDKlMozNkE46AyCmwZE%2By8LYyNt7ECQDtgDDrUDi%2F4coGnHKzPjMhmnxpcr5ir%2BRQ6RR2CKVsXJKh7G36hYrp8oqJJfEH%2BM9biESm19gRumxY7XOO0Lp2dyFANhLJYOc%2B4PyeDA9Os"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
75918ecbfabde22b-ORD
expires
Mon, 02 Oct 2023 17:29:27 GMT
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@5.0.0-beta3/dist/js/ 		79 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.0.0-beta3/dist/js/bootstrap.bundle.min.js
Requested by
Host: heaterprox.com
URL: https://heaterprox.com/?widipub_id=5e7a66adef28642bc90fec33&wtrd_offer_id=5ffc4e5d1a2caa0db8279f34&wtrd_offer_pids=616d4d479a270568a468ee63&wtrd_offer_lids=5ffc4e9408feac201a60b82a&widipub_custom1=da75cf75292f4e4aa13450a0a0246c60&widipub_custom2=4072
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05304a8f26373142efa126a87977201cbc22d408c573f151ee2907933e9099f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://heaterprox.com/
Origin
https://heaterprox.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 17:29:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3492971
x-jsd-version
5.0.0-beta3
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19147-FRA, cache-yyz4526-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"13a2b-LayF+MVECCdqC/PP+pHf1O96P1E"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pnb6SACcJE46Omq99C1mcEXiiIWNEe9aEeqPWxUYqmDURafkbYvt3wgR8duDZ0xuLrfi%2F7WAVtje5HKd%2ByECWg4VMos2p00NPgyy0gGJCo9GZjHWnEhAB2Ie0LJqnqnhJePkGf6F%2Bi6yCT%2FM%2BYg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
75918ecbe944e1ff-ORD
pixel-click.gif
heaterprox.com/ 		43 B
658 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://heaterprox.com/pixel-click.gif?avd=5e011442ef28642e5a624242&offer=5ffc4e5d1a2caa0db8279f34&offerLanding=5ffc4e9408feac201a60b82a&offerPrelanding=616d4d479a270568a468ee63&publisher=5e7a66adef28642bc90fec33&attributionDays=30&renderType=prelanding&clickId=6346f977b80494725136ad14&chargeCost=0&referer=http://herdone.us/&widipub_id=5e7a66adef28642bc90fec33&wtrd_offer_id=5ffc4e5d1a2caa0db8279f34&wtrd_offer_pids=616d4d479a270568a468ee63&wtrd_offer_lids=5ffc4e9408feac201a60b82a&widipub_custom1=da75cf75292f4e4aa13450a0a0246c60&widipub_custom2=4072
Requested by
Host: heaterprox.com
URL: https://heaterprox.com/?widipub_id=5e7a66adef28642bc90fec33&wtrd_offer_id=5ffc4e5d1a2caa0db8279f34&wtrd_offer_pids=616d4d479a270568a468ee63&wtrd_offer_lids=5ffc4e9408feac201a60b82a&widipub_custom1=da75cf75292f4e4aa13450a0a0246c60&widipub_custom2=4072
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.36.83.70 Cerdanyola del Vallès, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS
Software
nginx /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
Security Headers
Name Value
Content-Security-Policy frame-ancestors *
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/?widipub_id=5e7a66adef28642bc90fec33&wtrd_offer_id=5ffc4e5d1a2caa0db8279f34&wtrd_offer_pids=616d4d479a270568a468ee63&wtrd_offer_lids=5ffc4e9408feac201a60b82a&widipub_custom1=da75cf75292f4e4aa13450a0a0246c60&widipub_custom2=4072
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 17:29:29 GMT
cache-control
must-revalidate, no-cache, private
content-security-policy
frame-ancestors *
server
nginx
strict-transport-security
max-age=15768000
content-type
image/gif
gtm.js
www.googletagmanager.com/ 		288 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NGZ7Z7Q
Requested by
Host: heaterprox.com
URL: https://heaterprox.com/?widipub_id=5e7a66adef28642bc90fec33&wtrd_offer_id=5ffc4e5d1a2caa0db8279f34&wtrd_offer_pids=616d4d479a270568a468ee63&wtrd_offer_lids=5ffc4e9408feac201a60b82a&widipub_custom1=da75cf75292f4e4aa13450a0a0246c60&widipub_custom2=4072
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2008 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
102626a6fcf34e6019d06b8c7b4f7ff47d8eb134b4096a8fd746360bbb9adadc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 17:29:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
86366
x-xss-protection
0
last-modified
Wed, 12 Oct 2022 16:11:09 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 12 Oct 2022 17:29:27 GMT
/
heaterprox.com/iframe-gtm2/ Frame 622D 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://heaterprox.com/iframe-gtm2/
Requested by
Host: heaterprox.com
URL: https://heaterprox.com/?widipub_id=5e7a66adef28642bc90fec33&wtrd_offer_id=5ffc4e5d1a2caa0db8279f34&wtrd_offer_pids=616d4d479a270568a468ee63&wtrd_offer_lids=5ffc4e9408feac201a60b82a&widipub_custom1=da75cf75292f4e4aa13450a0a0246c60&widipub_custom2=4072
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.36.83.70 Cerdanyola del Vallès, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS
Software
nginx /
Resource Hash
961c699fa1b6a4d8e576953ac852a3a17b6ab51f98f278cdfaac58eab631e3a0
Security Headers
Name Value
Content-Security-Policy frame-ancestors *
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://heaterprox.com/?widipub_id=5e7a66adef28642bc90fec33&wtrd_offer_id=5ffc4e5d1a2caa0db8279f34&wtrd_offer_pids=616d4d479a270568a468ee63&wtrd_offer_lids=5ffc4e9408feac201a60b82a&widipub_custom1=da75cf75292f4e4aa13450a0a0246c60&widipub_custom2=4072
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, private
content-encoding
gzip
content-security-policy
frame-ancestors *
content-type
text/html; charset=UTF-8
date
Wed, 12 Oct 2022 17:29:27 GMT
server
nginx
strict-transport-security
max-age=15768000
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://heaterprox.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 10:34:59 GMT
x-content-type-options
nosniff
age
111268
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Oct 2023 10:34:59 GMT
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/ 		76 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2699316cb83af2502422d101e81564b0492785cab2fdfbdc256f90e1c4ad5606
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css
Origin
https://heaterprox.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 17:29:27 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2401565
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
78196
last-modified
Tue, 16 Mar 2021 19:29:58 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"60510736-13174"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EOw5E3%2BF9FKqMdmd%2BAJ52%2Bvmy%2B1ZgYgbD9CyrDJ%2FJCVeQFZFeB8t5Eb3K9M3QdAO7QMY4ic6sm0MU%2F0NpdYVJLvdFtDg5hMhfNH1gBLRLUH2SZ4a2byjcAo8c4kreXWa3XFLUZPIQ9RQutfdKH5lXjBx"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
75918ecbed4128f5-ORD
expires
Mon, 02 Oct 2023 17:29:27 GMT
memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v34/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://heaterprox.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 10 Oct 2022 19:02:27 GMT
x-content-type-options
nosniff
age
167220
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47952
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:22:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 10 Oct 2023 19:02:27 GMT
testimonialprofile1.jpg
assets.widitrade.com/assets/products/5ffc43a1c80c2e2c400de052/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.widitrade.com/assets/products/5ffc43a1c80c2e2c400de052/testimonialprofile1.jpg
Requested by
Host: heaterprox.com
URL: https://heaterprox.com/?widipub_id=5e7a66adef28642bc90fec33&wtrd_offer_id=5ffc4e5d1a2caa0db8279f34&wtrd_offer_pids=616d4d479a270568a468ee63&wtrd_offer_lids=5ffc4e9408feac201a60b82a&widipub_custom1=da75cf75292f4e4aa13450a0a0246c60&widipub_custom2=4072
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::19 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
ee7ba44fe5bce5b8af0bb0dbdf7cd946fac1a441e0295025dc7abfd7e5bd9d3f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-77-nzt
AZySO/e+aQz/aPwAAA
x-accel-expires
@1665617551
date
Wed, 12 Oct 2022 17:29:27 GMT
x-77-pop
newyorkUSNY
last-modified
Mon, 22 Aug 2022 12:48:31 GMT
server
CDN77-Turbo
etag
"63037b1f-2291"
x-77-nzt-ray
ZPN7KD1vmHc
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
x-77-cache
HIT
x-age
64616
accept-ranges
bytes
content-length
8849
stars50.png
assets.widitrade.com/assets/templates/shared/ 		822 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.widitrade.com/assets/templates/shared/stars50.png
Requested by
Host: heaterprox.com
URL: https://heaterprox.com/?widipub_id=5e7a66adef28642bc90fec33&wtrd_offer_id=5ffc4e5d1a2caa0db8279f34&wtrd_offer_pids=616d4d479a270568a468ee63&wtrd_offer_lids=5ffc4e9408feac201a60b82a&widipub_custom1=da75cf75292f4e4aa13450a0a0246c60&widipub_custom2=4072
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::19 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
5373e04bf2ff95719a66c8f3f275375855886609389eaac55f6438ddac5b3285

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-77-nzt
AZySO/eq2Rr/N5YAAA
x-accel-expires
@1665643712
date
Wed, 12 Oct 2022 17:29:27 GMT
x-77-pop
newyorkUSNY
last-modified
Wed, 20 Apr 2022 11:39:56 GMT
server
CDN77-Turbo
etag
"625ff10c-336"
x-77-nzt-ray
QCLrIPrSRk4
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
x-77-cache
HIT
x-age
38455
accept-ranges
bytes
content-length
822
testimonialprofile2.jpg
assets.widitrade.com/assets/products/5ffc43a1c80c2e2c400de052/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.widitrade.com/assets/products/5ffc43a1c80c2e2c400de052/testimonialprofile2.jpg
Requested by
Host: heaterprox.com
URL: https://heaterprox.com/?widipub_id=5e7a66adef28642bc90fec33&wtrd_offer_id=5ffc4e5d1a2caa0db8279f34&wtrd_offer_pids=616d4d479a270568a468ee63&wtrd_offer_lids=5ffc4e9408feac201a60b82a&widipub_custom1=da75cf75292f4e4aa13450a0a0246c60&widipub_custom2=4072
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::19 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
1f3ab993059ec499e97516abc831c0d77f36e5735a99f4a88e42531da047c5d9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-77-nzt
AZySO/f38xr/aPwAAA
x-accel-expires
@1665617551
date
Wed, 12 Oct 2022 17:29:27 GMT
x-77-pop
newyorkUSNY
last-modified
Mon, 22 Aug 2022 12:48:36 GMT
server
CDN77-Turbo
etag
"63037b24-2772"
x-77-nzt-ray
R4Jf7BWhbck
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
x-77-cache
HIT
x-age
64616
accept-ranges
bytes
content-length
10098
testimonialprofile3.jpg
assets.widitrade.com/assets/products/5ffc43a1c80c2e2c400de052/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.widitrade.com/assets/products/5ffc43a1c80c2e2c400de052/testimonialprofile3.jpg
Requested by
Host: heaterprox.com
URL: https://heaterprox.com/?widipub_id=5e7a66adef28642bc90fec33&wtrd_offer_id=5ffc4e5d1a2caa0db8279f34&wtrd_offer_pids=616d4d479a270568a468ee63&wtrd_offer_lids=5ffc4e9408feac201a60b82a&widipub_custom1=da75cf75292f4e4aa13450a0a0246c60&widipub_custom2=4072
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::19 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
72c4f93e84a2bfd5a99604e818008f2cbe6d207ca8367ece60ad3837cb5171e6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-77-nzt
AZySO/f2pb//aPwAAA
x-accel-expires
@1665617551
date
Wed, 12 Oct 2022 17:29:27 GMT
x-77-pop
newyorkUSNY
last-modified
Mon, 22 Aug 2022 12:48:40 GMT
server
CDN77-Turbo
etag
"63037b28-2393"
x-77-nzt-ray
fEgEPV1huhY
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
x-77-cache
HIT
x-age
64616
accept-ranges
bytes
content-length
9107
manifest.json
heaterprox.com/ 		3 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://heaterprox.com/manifest.json
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/5.5.3/firebase-messaging.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.36.83.70 Cerdanyola del Vallès, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS
Software
nginx /
Resource Hash
653b7b9e6f9dff5e12073de4a3a15acb4074767823f49d9704b083bb1ba28a14
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/?widipub_id=5e7a66adef28642bc90fec33&wtrd_offer_id=5ffc4e5d1a2caa0db8279f34&wtrd_offer_pids=616d4d479a270568a468ee63&wtrd_offer_lids=5ffc4e9408feac201a60b82a&widipub_custom1=da75cf75292f4e4aa13450a0a0246c60&widipub_custom2=4072
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 17:29:28 GMT
strict-transport-security
max-age=15768000
content-encoding
gzip
last-modified
Thu, 06 Oct 2022 16:45:26 GMT
server
nginx
etag
W/"633f0626-d14"
content-type
application/json
5c62beeb7056550011c49dca.js
buttons-config.sharethis.com/js/ 		997 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buttons-config.sharethis.com/js/5c62beeb7056550011c49dca.js
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:bc00:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f4277f9e50a728c3d8fbd418f825fd974400d65658b6d7069cc0f6456198989b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 17:28:51 GMT
via
1.1 08307cdad31639e360e0351e9156d6ba.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
JFK50-P6
age
37
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
997
last-modified
Wed, 22 Sep 2021 12:41:52 GMT
server
AmazonS3
etag
"65f8f6b647f1fbcf9cd8eef88a7e692d"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=60
accept-ranges
bytes
x-amz-cf-id
TvdpnbC5lyAAP_nhNcc-p8FAHdnvVaMBxbu8RIctL7bNTjNuupcuTA==
sc
l.sharethis.com/
Redirect Chain
  • https://l.sharethis.com/pview?event=pview&hostname=heaterprox.com&location=%2F&product=inline-share-buttons&url=https%3A%2F%2Fheaterprox.com%2F%3Fwidipub_id%3D5e7a66adef28642bc90fec33%26wtrd_offer_...
  • https://l.sharethis.com/sc?event=pview&hostname=heaterprox.com&location=%2F&product=inline-share-buttons&url=https%3A%2F%2Fheaterprox.com%2F%3Fwidipub_id%3D5e7a66adef28642bc90fec33%26wtrd_offer_id%...
177 B
697 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.sharethis.com/sc?event=pview&hostname=heaterprox.com&location=%2F&product=inline-share-buttons&url=https%3A%2F%2Fheaterprox.com%2F%3Fwidipub_id%3D5e7a66adef28642bc90fec33%26wtrd_offer_id%3D5ffc4e5d1a2caa0db8279f34%26wtrd_offer_pids%3D616d4d479a270568a468ee63%26wtrd_offer_lids%3D5ffc4e9408feac201a60b82a%26widipub_custom1%3Dda75cf75292f4e4aa13450a0a0246c60%26widipub_custom2%3D4072&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Heater%20Pro%20X&refDomain=herdone.us&cms=unknown&publisher=5c62beeb7056550011c49dca&sop=true&version=st_sop.js&lang=en&description=The%20portable%20heater%20that%27s%20killing%20it%20in%20sales.&samesite=None
Requested by
Host: heaterprox.com
URL: https://heaterprox.com/?widipub_id=5e7a66adef28642bc90fec33&wtrd_offer_id=5ffc4e5d1a2caa0db8279f34&wtrd_offer_pids=616d4d479a270568a468ee63&wtrd_offer_lids=5ffc4e9408feac201a60b82a&widipub_custom1=da75cf75292f4e4aa13450a0a0246c60&widipub_custom2=4072
Protocol
HTTP/1.1
Server
18.119.23.78 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-119-23-78.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
0691b5d786c9a5a1296c1c314a11317b5cc99abeb06b4c54901d22490e9b0948
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 12 Oct 2022 17:29:28 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Max-Age
1728000
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://heaterprox.com
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Stid
ZHwACWNG+XgAAAAJHA2LAw==
Access-Control-Allow-Headers
*
Content-Length
177
X-Robots-Tag
noindex, nofollow

Redirect headers

Date
Wed, 12 Oct 2022 17:29:28 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Max-Age
1728000
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://heaterprox.com
Location
/sc?event=pview&hostname=heaterprox.com&location=%2F&product=inline-share-buttons&url=https%3A%2F%2Fheaterprox.com%2F%3Fwidipub_id%3D5e7a66adef28642bc90fec33%26wtrd_offer_id%3D5ffc4e5d1a2caa0db8279f34%26wtrd_offer_pids%3D616d4d479a270568a468ee63%26wtrd_offer_lids%3D5ffc4e9408feac201a60b82a%26widipub_custom1%3Dda75cf75292f4e4aa13450a0a0246c60%26widipub_custom2%3D4072&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Heater%20Pro%20X&refDomain=herdone.us&cms=unknown&publisher=5c62beeb7056550011c49dca&sop=true&version=st_sop.js&lang=en&description=The%20portable%20heater%20that%27s%20killing%20it%20in%20sales.&samesite=None
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Stid
ZHwACWNG+XgAAAAJHA2LAw==
Access-Control-Allow-Headers
*
Content-Length
751
X-Robots-Tag
noindex, nofollow
log
l.sharethis.com/ 		0
697 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.sharethis.com/log?event=ibl&title=&url=http%3A%2F%2Fherdone.us%2F&fcmp=false&fcmpv2=false&has_segmentio=false&product=inline-share-buttons&publisher=5c62beeb7056550011c49dca&refDomain=herdone.us&refQuery=&source=sharethis.js&ts=1665595767870&sop=true&cms=unknown&description=The%20portable%20heater%20that%27s%20killing%20it%20in%20sales.
Requested by
Host: heaterprox.com
URL: https://heaterprox.com/?widipub_id=5e7a66adef28642bc90fec33&wtrd_offer_id=5ffc4e5d1a2caa0db8279f34&wtrd_offer_pids=616d4d479a270568a468ee63&wtrd_offer_lids=5ffc4e9408feac201a60b82a&widipub_custom1=da75cf75292f4e4aa13450a0a0246c60&widipub_custom2=4072
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.119.23.78 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-119-23-78.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Wed, 12 Oct 2022 17:29:28 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Max-Age
1728000
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Stid
ZH4AC2NG+XgAAAAIFIq3Aw==
Access-Control-Allow-Headers
*
X-Robots-Tag
noindex, nofollow
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NGZ7Z7Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 12 Oct 2022 17:02:20 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
1628
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Wed, 12 Oct 2022 19:02:20 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NGZ7Z7Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
cafe /
Resource Hash
195f3c8ce18239cd241304be4a02c70892564caf8a139f6035b853fe212bab3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 17:29:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15196
x-xss-protection
0
server
cafe
etag
7222976147654879957
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 12 Oct 2022 17:29:28 GMT
bat.js
bat.bing.com/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NGZ7Z7Q
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Wed, 12 Oct 2022 17:29:28 GMT
last-modified
Thu, 28 Jul 2022 17:32:37 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2941717909864CDBB29C17552C819733 Ref B: CHGEDGE1709 Ref C: 2022-10-12T17:29:28Z
etag
"80a8697a8a2d81:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
11367
core.js
s.pinimg.com/ct/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NGZ7Z7Q
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:5000:58c::1931 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c75d8bdd1d5498551294cf4551304e5c2158b9788ac1779d03a2edd611a6c93e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

akamai-x-true-ttl
7200
x-cdn
akamai
etag
"ef33a337cb7aa4b4f9c294765d2176c0"
vary
Accept-Encoding, Origin
access-control-max-age
86400
content-type
application/javascript
access-control-allow-origin
*
access-control-allow-methods
GET
access-control-expose-headers
X-CDN
cache-control
max-age=7200
accept-ranges
bytes
content-length
1146
events.js
analytics.tiktok.com/i18n/pixel/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C6SSIJA8DUFA74AOIG80&lib=ttq
Requested by
Host: herdone.us
URL: http://herdone.us/rd/c6043nynlF442904byPF2506Tao6044zRuS997
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.71.130.41 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-71-130-41.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
5caa8a9fa65c367f88f564d48f724abb11a233749810577ca46da068fae49ee2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-akamai-request-id
c4cf351
date
Wed, 12 Oct 2022 17:29:28 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a104-71-130-37.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
server-timing
inner; dur=3, cdn-cache; desc=MISS, edge; dur=1, origin; dur=19
content-length
988
pragma
no-cache
server
nginx
x-tt-logid
2022101217292854A94C931FB9E2F908F5
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
19,104.71.130.37
x-tt-trace-host
01695441e5612fb3235feb17eb9545a7e545a10ae6cd491cdb2b44d7246d4893ae9a84ea183876734bd5da0405a26aff4d7cf872ee4d5c27195aa3df8223c2018ab792b1affa612969176226f5fdd0e512
expires
Wed, 12 Oct 2022 17:29:28 GMT
js
www.googletagmanager.com/gtag/ 		212 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-TP7YK51HJS&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NGZ7Z7Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2008 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
890088e076aee96f4c126129c2a3f8d38f7628fd65d7eb05b16a7a625b68ef84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 17:29:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
75600
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 12 Oct 2022 17:29:28 GMT
js
www.googletagmanager.com/gtag/ 		219 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-1WLPSRY6F2&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NGZ7Z7Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2008 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c3d708d294469772bdf055ec6fd061a3b43a2542e0091162f28ba43f969d4539
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 17:29:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77238
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 12 Oct 2022 17:29:28 GMT
fbevents.js
connect.facebook.net/en_US/ 		101 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: herdone.us
URL: http://herdone.us/rd/c6043nynlF442904byPF2506Tao6044zRuS997
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f082:9:face:b00c:0:3 Chicago, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b81cc6d28cbf3df9c6127a05a865bef0842d917507cce946712974e748110957
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 12 Oct 2022 17:29:28 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26852
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
M5YcOsZFfIDtx3q6YU8UaJYUdBXMjuw4cQPtpd1tSV7429Y0Ie4HHB+Wy4qD9031Cl+USzzjMAouA2O20CUeTw==
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
identity.js
connect.facebook.net/signals/plugins/ 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.84
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f082:9:face:b00c:0:3 Chicago, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b9d52f002201be697fbc0ebf4bdcc61d6c01d0bb1359213e62c67e21850047
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 12 Oct 2022 17:29:28 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
20715
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
dngthFC4nH8MEBhcFipOytSu8gBboAvXKZrxEKTjhf73SSaBSKil/Xu0sv9IoHIMaZjl+hGhCal2WyMddEZ/BQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
441305948034561
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/441305948034561?v=2.9.84&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f082:9:face:b00c:0:3 Chicago, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9a271b8848f1bfcf2f03ea26a2211f699ce3d302d3163476a64644a19babb1c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 12 Oct 2022 17:29:28 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
85968
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
F0yOtENuqNAf1Y1WhGxOYl6deZ7CdUzjktrPXpQLqSuYQcCTCEPjpwRU+MckBMn0/57KLF7+6ASCpWrF1tcb5A==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 16:51:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
2268
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1129
x-xss-protection
0
last-modified
Thu, 30 Dec 2021 12:48:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 12 Oct 2022 17:51:40 GMT
collect
stats.g.doubleclick.net/j/ 		2 B
439 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-123669295-1&cid=804920320.1665595768&jid=538924900&gjid=430764033&_gid=545166917.1665595768&_u=YGBAgEALAAAAAEAAIC~&z=1538152132
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://heaterprox.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 12 Oct 2022 17:29:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://heaterprox.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=969621612&t=pageview&_s=1&dl=https%3A%2F%2Fheaterprox.com%2F%3Fwidipub_id%3D5e7a66adef28642bc90fec33%26wtrd_offer_id%3D5ffc4e5d1a2caa0db8279f34%26wtrd_offer_pids%3D616d4d479a270568a468ee63%26wtrd_offer_lids%3D5ffc4e9408feac201a60b82a%26widipub_custom1%3Dda75cf75292f4e4aa13450a0a0246c60%26widipub_custom2%3D4072&dr=http%3A%2F%2Fherdone.us%2F&ul=en-us&de=UTF-8&dt=Heater%20Pro%20X&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAAEALAAAAAGAAIC~&jid=1405000658&gjid=1944717442&cid=804920320.1665595768&tid=UA-243070178-1&_gid=545166917.1665595768&_r=1&gtm=2wgaa0NGZ7Z7Q&z=556814224
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://heaterprox.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 12 Oct 2022 17:29:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://heaterprox.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=969621612&t=pageview&_s=1&dl=https%3A%2F%2Fheaterprox.com%2F%3Fwidipub_id%3D5e7a66adef28642bc90fec33%26wtrd_offer_id%3D5ffc4e5d1a2caa0db8279f34%26wtrd_offer_pids%3D616d4d479a270568a468ee63%26wtrd_offer_lids%3D5ffc4e9408feac201a60b82a%26widipub_custom1%3Dda75cf75292f4e4aa13450a0a0246c60%26widipub_custom2%3D4072&dr=http%3A%2F%2Fherdone.us%2F&ul=en-us&de=UTF-8&dt=Heater%20Pro%20X&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEALAAAAAAAAIC~&jid=538924900&gjid=430764033&cid=804920320.1665595768&tid=UA-123669295-1&_gid=545166917.1665595768&gtm=2wgaa0NGZ7Z7Q&z=2135632366
Requested by
Host: heaterprox.com
URL: https://heaterprox.com/?widipub_id=5e7a66adef28642bc90fec33&wtrd_offer_id=5ffc4e5d1a2caa0db8279f34&wtrd_offer_pids=616d4d479a270568a468ee63&wtrd_offer_lids=5ffc4e9408feac201a60b82a&widipub_custom1=da75cf75292f4e4aa13450a0a0246c60&widipub_custom2=4072
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Oct 2022 08:46:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
31396
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=441305948034561&ev=PageView&dl=https%3A%2F%2Fheaterprox.com%2F%3Fwidipub_id%3D5e7a66adef28642bc90fec33%26wtrd_offer_id%3D5ffc4e5d1a2caa0db8279f34%26wtrd_offer_pids%3D616d4d479a270568a468ee63%26wtrd_offer_lids%3D5ffc4e9408feac201a60b82a%26widipub_custom1%3Dda75cf75292f4e4aa13450a0a0246c60%26widipub_custom2%3D4072&rl=http%3A%2F%2Fherdone.us%2F&if=false&ts=1665595768306&sw=1600&sh=1200&ud[fn]=eb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c&ud[ln]=eb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c&ud[ph]=eb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c&ud[ct]=eb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c&ud[st]=68bca10eea2ba33f6f15a6ab0c7df2a49051a6541f9118d468b0585d5d60398b&ud[zp]=eb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c&ud[country]=eb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c&v=2.9.84&r=stable&ec=0&o=62&fbp=fb.1.1665595768304.867247053&it=1665595768163&coo=false&eid=68c090f5-77e8-4577-bca2-12c240d97415_1665595767550.17&rqm=GET
Requested by
Host: heaterprox.com
URL: https://heaterprox.com/?widipub_id=5e7a66adef28642bc90fec33&wtrd_offer_id=5ffc4e5d1a2caa0db8279f34&wtrd_offer_pids=616d4d479a270568a468ee63&wtrd_offer_lids=5ffc4e9408feac201a60b82a&widipub_custom1=da75cf75292f4e4aa13450a0a0246c60&widipub_custom2=4072
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 12 Oct 2022 17:29:28 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
main.3a217bc7.js
s.pinimg.com/ct/lib/ 		0
0
142003544.js
bat.bing.com/p/action/ 		0
137 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/142003544.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ARR/3.0
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 12 Oct 2022 17:29:28 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: CDC84E32EA2B48E3BA9D72AE3FC1655D Ref B: CHGEDGE1709 Ref C: 2022-10-12T17:29:28Z
x-powered-by
ARR/3.0
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
private,max-age=1800
0
bat.bing.com/action/ 		0
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=142003544&tm=gtm002&Ver=2&mid=dc205162-3917-470b-8e73-39b8a063dc36&sid=6c9a45604a5311edb380b92b5e21a0ed&vid=6c9a77704a5311edbc8c7d7c3529cded&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Heater%20Pro%20X&p=https%3A%2F%2Fheaterprox.com%2F%3Fwidipub_id%3D5e7a66adef28642bc90fec33%26wtrd_offer_id%3D5ffc4e5d1a2caa0db8279f34%26wtrd_offer_pids%3D616d4d479a270568a468ee63%26wtrd_offer_lids%3D5ffc4e9408feac201a60b82a%26widipub_custom1%3Dda75cf75292f4e4aa13450a0a0246c60%26widipub_custom2%3D4072&r=http%3A%2F%2Fherdone.us%2F&lt=1911&evt=pageLoad&sv=1&rn=241360
Requested by
Host: heaterprox.com
URL: https://heaterprox.com/?widipub_id=5e7a66adef28642bc90fec33&wtrd_offer_id=5ffc4e5d1a2caa0db8279f34&wtrd_offer_pids=616d4d479a270568a468ee63&wtrd_offer_lids=5ffc4e9408feac201a60b82a&widipub_custom1=da75cf75292f4e4aa13450a0a0246c60&widipub_custom2=4072
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 12 Oct 2022 17:29:28 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4A906FB556744D14A3ACDD5E8C511739 Ref B: CHGEDGE1709 Ref C: 2022-10-12T17:29:28Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=969621612&t=event&ni=1&_s=1&dl=https%3A%2F%2Fheaterprox.com%2F%3Fwidipub_id%3D5e7a66adef28642bc90fec33%26wtrd_offer_id%3D5ffc4e5d1a2caa0db8279f34%26wtrd_offer_pids%3D616d4d479a270568a468ee63%26wtrd_offer_lids%3D5ffc4e9408feac201a60b82a%26widipub_custom1%3Dda75cf75292f4e4aa13450a0a0246c60%26widipub_custom2%3D4072&dr=http%3A%2F%2Fherdone.us%2F&ul=en-us&de=UTF-8&dt=Heater%20Pro%20X&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ecommerce&ea=product_detail&el=%2F&_u=aGDAgEALAAAAAGAMIC~&jid=&gjid=&cid=804920320.1665595768&tid=UA-123669295-1&_gid=545166917.1665595768&gtm=2wgaa0NGZ7Z7Q&pal=prelanding&pa=detail&pr1nm=Heater%20Pro%20X&pr1id=5ffc43a1c80c2e2c400de052&pr1br=Ecom7%20Limited&pr1ca=Gadgets&z=1088944296
Requested by
Host: heaterprox.com
URL: https://heaterprox.com/?widipub_id=5e7a66adef28642bc90fec33&wtrd_offer_id=5ffc4e5d1a2caa0db8279f34&wtrd_offer_pids=616d4d479a270568a468ee63&wtrd_offer_lids=5ffc4e9408feac201a60b82a&widipub_custom1=da75cf75292f4e4aa13450a0a0246c60&widipub_custom2=4072
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Oct 2022 08:46:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
31396
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-123669295-1&cid=804920320.1665595768&jid=538924900&_u=YGBAgEALAAAAAEAAIC~&z=1630699334
Requested by
Host: heaterprox.com
URL: https://heaterprox.com/?widipub_id=5e7a66adef28642bc90fec33&wtrd_offer_id=5ffc4e5d1a2caa0db8279f34&wtrd_offer_pids=616d4d479a270568a468ee63&wtrd_offer_lids=5ffc4e9408feac201a60b82a&widipub_custom1=da75cf75292f4e4aa13450a0a0246c60&widipub_custom2=4072
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2004 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Oct 2022 17:29:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		2 B
23 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-243070178-1&cid=804920320.1665595768&jid=1405000658&gjid=1944717442&_gid=545166917.1665595768&_u=YGDAAEALAAAAAGAAIC~&z=2081022392
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://heaterprox.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 12 Oct 2022 17:29:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://heaterprox.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-1WLPSRY6F2&gtm=2oeaa0&_p=969621612&cid=804920320.1665595768&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1665595768&sct=1&seg=0&dl=https%3A%2F%2Fheaterprox.com%2F%3Fwidipub_id%3D5e7a66adef28642bc90fec33%26wtrd_offer_id%3D5ffc4e5d1a2caa0db8279f34%26wtrd_offer_pids%3D616d4d479a270568a468ee63%26wtrd_offer_lids%3D5ffc4e9408feac201a60b82a%26widipub_custom1%3Dda75cf75292f4e4aa13450a0a0246c60%26widipub_custom2%3D4072&dr=http%3A%2F%2Fherdone.us%2F&dt=Heater%20Pro%20X&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1WLPSRY6F2&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Oct 2022 17:29:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://heaterprox.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-TP7YK51HJS&gtm=2oeaa0&_p=969621612&cid=804920320.1665595768&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1665595768&sct=1&seg=0&dl=https%3A%2F%2Fheaterprox.com%2F%3Fwidipub_id%3D5e7a66adef28642bc90fec33%26wtrd_offer_id%3D5ffc4e5d1a2caa0db8279f34%26wtrd_offer_pids%3D616d4d479a270568a468ee63%26wtrd_offer_lids%3D5ffc4e9408feac201a60b82a%26widipub_custom1%3Dda75cf75292f4e4aa13450a0a0246c60%26widipub_custom2%3D4072&dr=http%3A%2F%2Fherdone.us%2F&dt=Heater%20Pro%20X&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TP7YK51HJS&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Oct 2022 17:29:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://heaterprox.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-TP7YK51HJS&gtm=2oeaa0&_p=969621612&cid=804920320.1665595768&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&cu=EUR&sid=1665595768&sct=1&seg=0&dl=https%3A%2F%2Fheaterprox.com%2F%3Fwidipub_id%3D5e7a66adef28642bc90fec33%26wtrd_offer_id%3D5ffc4e5d1a2caa0db8279f34%26wtrd_offer_pids%3D616d4d479a270568a468ee63%26wtrd_offer_lids%3D5ffc4e9408feac201a60b82a%26widipub_custom1%3Dda75cf75292f4e4aa13450a0a0246c60%26widipub_custom2%3D4072&dr=http%3A%2F%2Fherdone.us%2F&dt=Heater%20Pro%20X&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TP7YK51HJS&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://heaterprox.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 12 Oct 2022 17:29:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://heaterprox.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.Mi4wLjAuNTZfMA.js
analytics.tiktok.com/i18n/pixel/static/ 		324 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.Mi4wLjAuNTZfMA.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C6SSIJA8DUFA74AOIG80&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.71.130.41 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-71-130-41.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
18b5a4e9344ec42545b86ac639ca57c054944d17a3aab1cd5af9199698ddd032

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-akamai-request-id
c4cf3a8
date
Wed, 12 Oct 2022 17:29:28 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202210111319322D7C707BC582302972A3
vary
Accept-Encoding
x-cache
TCP_HIT from a104-71-130-37.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
019e23a3f87e06ebee7ef9beb2b28dcf25c67ce80867f4472a185d918f270f1ce2a87a309f3ac8e4df7a14bb9a961978ee7748face6bdbdfdc7bc6d62334fa2f1992c15b51a2bf97afbca467d720d26bc1
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=28
content-length
94415
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-243070178-1&cid=804920320.1665595768&jid=1405000658&_u=YGDAAEALAAAAAGAAIC~&z=588664922
Requested by
Host: heaterprox.com
URL: https://heaterprox.com/?widipub_id=5e7a66adef28642bc90fec33&wtrd_offer_id=5ffc4e5d1a2caa0db8279f34&wtrd_offer_pids=616d4d479a270568a468ee63&wtrd_offer_lids=5ffc4e9408feac201a60b82a&widipub_custom1=da75cf75292f4e4aa13450a0a0246c60&widipub_custom2=4072
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2004 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Oct 2022 17:29:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
get_counts
count-server.sharethis.com/v2.0/ 		723 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://count-server.sharethis.com/v2.0/get_counts?cb=window.__sharethis__.cb&url=https%3A%2F%2Fheaterprox.com%2F%3Fwidipub_id%3D5e7a66adef28642bc90fec33%26wtrd_offer_id%3D5ffc4e5d1a2caa0db8279f34%26wtrd_offer_pids%3D616d4d479a270568a468ee63%26wtrd_offer_lids%3D5ffc4e9408feac201a60b82a%26widipub_custom1%3Dda75cf75292f4e4aa13450a0a0246c60%26widipub_custom2%3D4072%26wtrd_sectionId%3Dsharethis%26wtrd_sectName%3Dsharethis
Requested by
Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-30.jfk50.r.cloudfront.net
Software
/
Resource Hash
6f2bfb3f6bd6ee6376bdef718bb23af6b32b86320ad05367f0b90d6092878007
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 17:29:28 GMT
via
1.1 dee3e3075e44bf98642bfe89cb38088a.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
JFK50-P8
etag
74d3760248882490165ad2d61bca240c
x-cache
Miss from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
content-length
723
apigw-requestid
Z5vq5heEIAMEJ4w=
x-amz-cf-id
hK_HutfhfwwDPbo-dsDxP0ii6BwzKQxyzRvH7otxeYXm2lSmSE_ZJw==
facebook.svg
platform-cdn.sharethis.com/img/ 		301 B
727 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/facebook.svg
Requested by
Host: heaterprox.com
URL: https://heaterprox.com/?widipub_id=5e7a66adef28642bc90fec33&wtrd_offer_id=5ffc4e5d1a2caa0db8279f34&wtrd_offer_pids=616d4d479a270568a468ee63&wtrd_offer_lids=5ffc4e9408feac201a60b82a&widipub_custom1=da75cf75292f4e4aa13450a0a0246c60&widipub_custom2=4072
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:a200:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 09:18:09 GMT
via
1.1 2d922ab79d41a826404f05ff416bb98c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 10 Oct 2019 01:20:12 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C1
age
1584680
etag
"c6e9be45643e197ce1db1d7e24a99adc"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
301
x-amz-cf-id
t4BtUwZF-TsTs-6kfhWy49zNXRwOtyPl4QnpSxlmOjRtMrR_F3OHHg==
messenger.svg
platform-cdn.sharethis.com/img/ 		372 B
797 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/messenger.svg
Requested by
Host: heaterprox.com
URL: https://heaterprox.com/?widipub_id=5e7a66adef28642bc90fec33&wtrd_offer_id=5ffc4e5d1a2caa0db8279f34&wtrd_offer_pids=616d4d479a270568a468ee63&wtrd_offer_lids=5ffc4e9408feac201a60b82a&widipub_custom1=da75cf75292f4e4aa13450a0a0246c60&widipub_custom2=4072
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:a200:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2986551fd9e82929eabb8cba7c44f74a28d8496c744893432f067b320dff55da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 06:30:19 GMT
via
1.1 2d922ab79d41a826404f05ff416bb98c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C1
age
989950
etag
"a5aa43fa302867d3e888ac2f69b7b288"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
372
x-amz-cf-id
zs4pfinxPV7uh26vi0KieRJFiPxMWvXirLhuiFbjgqUWMjvN4qSInw==
email.svg
platform-cdn.sharethis.com/img/ 		343 B
768 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/email.svg
Requested by
Host: heaterprox.com
URL: https://heaterprox.com/?widipub_id=5e7a66adef28642bc90fec33&wtrd_offer_id=5ffc4e5d1a2caa0db8279f34&wtrd_offer_pids=616d4d479a270568a468ee63&wtrd_offer_lids=5ffc4e9408feac201a60b82a&widipub_custom1=da75cf75292f4e4aa13450a0a0246c60&widipub_custom2=4072
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:a200:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 06:29:53 GMT
via
1.1 2d922ab79d41a826404f05ff416bb98c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 10 Oct 2019 01:20:12 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C1
age
989976
etag
"5977437466e857c7ddcadda6f6d88c2a"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
343
x-amz-cf-id
HQ0x8VMcS5oaZpel_bnGG2nOJFTrqYcKP1EXCutX87QUzJ58G2ijAw==
whatsapp.svg
platform-cdn.sharethis.com/img/ 		832 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/whatsapp.svg
Requested by
Host: heaterprox.com
URL: https://heaterprox.com/?widipub_id=5e7a66adef28642bc90fec33&wtrd_offer_id=5ffc4e5d1a2caa0db8279f34&wtrd_offer_pids=616d4d479a270568a468ee63&wtrd_offer_lids=5ffc4e9408feac201a60b82a&widipub_custom1=da75cf75292f4e4aa13450a0a0246c60&widipub_custom2=4072
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:a200:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
847eb36b4dc4b05f94052dcd98077319e74d882334a106bb9ca451ba211c9c2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 06:30:13 GMT
via
1.1 2d922ab79d41a826404f05ff416bb98c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 10 Oct 2019 01:20:13 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C1
age
989956
etag
"afe7fc60ed757db39a88d2950fce69c9"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
832
x-amz-cf-id
1WAo9pf2w0DFQtWSUdzXEOZYduBTEslX-uuUgHkcozs9op7ZuAd1PQ==
arrow_left.svg
platform-cdn.sharethis.com/img/ 		565 B
990 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/arrow_left.svg
Requested by
Host: heaterprox.com
URL: https://heaterprox.com/?widipub_id=5e7a66adef28642bc90fec33&wtrd_offer_id=5ffc4e5d1a2caa0db8279f34&wtrd_offer_pids=616d4d479a270568a468ee63&wtrd_offer_lids=5ffc4e9408feac201a60b82a&widipub_custom1=da75cf75292f4e4aa13450a0a0246c60&widipub_custom2=4072
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:a200:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5c833b1818762f1e134fbb158447fb0b92f2b018b15aa36f2e2405213f830d38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 06:30:05 GMT
via
1.1 2d922ab79d41a826404f05ff416bb98c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 10 Oct 2019 01:20:12 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C1
age
989964
etag
"b55d8d2b9321e381a3c38a4bddb74037"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
565
x-amz-cf-id
FIPnafwt6nmUeHqgNROIp_MyPC-9P1AvrkEcRVBUt5OUMJxl2cyHrQ==
arrow_right.svg
platform-cdn.sharethis.com/img/ 		565 B
989 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://platform-cdn.sharethis.com/img/arrow_right.svg
Requested by
Host: heaterprox.com
URL: https://heaterprox.com/?widipub_id=5e7a66adef28642bc90fec33&wtrd_offer_id=5ffc4e5d1a2caa0db8279f34&wtrd_offer_pids=616d4d479a270568a468ee63&wtrd_offer_lids=5ffc4e9408feac201a60b82a&widipub_custom1=da75cf75292f4e4aa13450a0a0246c60&widipub_custom2=4072
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:a200:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1bae747c7fd090f56608956a97c870391e1c43f89d24d5766129b75628985c1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Sat, 01 Oct 2022 06:30:05 GMT
via
1.1 2d922ab79d41a826404f05ff416bb98c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 10 Oct 2019 01:20:12 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C1
age
989964
etag
"9928d025bd5792b718ee0a185f62e67c"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
565
x-amz-cf-id
b-tjPjupay8OcuO9iP3WzCbSQj7gfhrXQ2w9oQRpUIajV5rU_Os9Zg==
bundle.min.js
browser.sentry-cdn.com/6.17.4/ Frame 622D 		63 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://browser.sentry-cdn.com/6.17.4/bundle.min.js
Requested by
Host: heaterprox.com
URL: https://heaterprox.com/iframe-gtm2/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
d4538b500dbad64b4c530857d7faf7d63bf921bcab573e94160c459ce859c90d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://heaterprox.com/
Origin
https://heaterprox.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 17:29:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Wed, 02 Feb 2022 15:42:58 GMT
server
Fastly
age
132616
etag
"456782718f10c0d95baf1a859662a1e9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
20491
expires
Wed, 11 Oct 2023 04:39:12 GMT
pixel
analytics.tiktok.com/api/v2/ 		0
550 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.Mi4wLjAuNTZfMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.71.130.41 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-71-130-41.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://heaterprox.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 12 Oct 2022 17:29:28 GMT
x-akamai-request-id
c4cf477
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
server
nginx
x-tt-logid
20221012172928C9490BFDCDD79AFCE0AB
x-cache
TCP_MISS from a104-71-130-37.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
124,104.71.130.37
x-tt-trace-host
01695441e5612fb3235feb17eb9545a7e545a10ae6cd491cdb2b44d7246d4893ae4dcf57625f343041d61bc6f68748dda69d7fec676ed4fead4870cbe50de6357e8fa03f632966482bd82d54cabcb29209
server-timing
inner; dur=115, cdn-cache; desc=MISS, edge; dur=12, origin; dur=124
content-length
0
expires
Wed, 12 Oct 2022 17:29:28 GMT
pixel
analytics.tiktok.com/api/v2/ 		0
549 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.Mi4wLjAuNTZfMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.71.130.41 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-71-130-41.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://heaterprox.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 12 Oct 2022 17:29:28 GMT
x-akamai-request-id
c4cf47c
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
server
nginx
x-tt-logid
2022101217292854A94C931FB9E2F90962
x-cache
TCP_MISS from a104-71-130-37.deploy.akamaitechnologies.com (AkamaiGHost/10.9.5-44356082) (-)
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
126,104.71.130.37
x-tt-trace-host
01695441e5612fb3235feb17eb9545a7e545a10ae6cd491cdb2b44d7246d4893ae92395e9fe2cbbf3735fcf56295648e8ac00d2f512af383ef3f263f8b842d73b12a8e50c361d30d3967a4b5e3a25a30cf
server-timing
inner; dur=117, cdn-cache; desc=MISS, edge; dur=10, origin; dur=126
content-length
0
expires
Wed, 12 Oct 2022 17:29:28 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/787909066/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/787909066/?random=1665595768643&cv=9&fst=1665595768643&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgaa0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fheaterprox.com%2F%3Fwidipub_id%3D5e7a66adef28642bc90fec33%26wtrd_offer_id%3D5ffc4e5d1a2caa0db8279f34%26wtrd_offer_pids%3D616d4d479a270568a468ee63%26wtrd_offer_lids%3D5ffc4e9408feac201a60b82a%26widipub_custom1%3Dda75cf75292f4e4aa13450a0a0246c60%26widipub_custom2%3D4072&ref=http%3A%2F%2Fherdone.us%2F&tiba=Heater%20Pro%20X&auid=1683326889.1665595768&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
45a6b1925046e7e5736e0e42a5e2023d33a4510a412dc8a7460e75ed2c229605
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Oct 2022 17:29:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1145
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/652536324/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/652536324/?random=1665595768645&cv=9&fst=1665595768645&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgaa0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fheaterprox.com%2F%3Fwidipub_id%3D5e7a66adef28642bc90fec33%26wtrd_offer_id%3D5ffc4e5d1a2caa0db8279f34%26wtrd_offer_pids%3D616d4d479a270568a468ee63%26wtrd_offer_lids%3D5ffc4e9408feac201a60b82a%26widipub_custom1%3Dda75cf75292f4e4aa13450a0a0246c60%26widipub_custom2%3D4072&ref=http%3A%2F%2Fherdone.us%2F&tiba=Heater%20Pro%20X&auid=1683326889.1665595768&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4c52d14831549c26fdf91939a96b0f08b0f312727aaf372ff8ec58e401872131
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Oct 2022 17:29:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1153
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10992351212/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10992351212/?random=1665595768646&cv=9&fst=1665595768646&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgaa0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fheaterprox.com%2F%3Fwidipub_id%3D5e7a66adef28642bc90fec33%26wtrd_offer_id%3D5ffc4e5d1a2caa0db8279f34%26wtrd_offer_pids%3D616d4d479a270568a468ee63%26wtrd_offer_lids%3D5ffc4e9408feac201a60b82a%26widipub_custom1%3Dda75cf75292f4e4aa13450a0a0246c60%26widipub_custom2%3D4072&ref=http%3A%2F%2Fherdone.us%2F&tiba=Heater%20Pro%20X&auid=1683326889.1665595768&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
52c00e7514754d28cb64d5208675cd58211d979a967c9d067de4d6aea916ff90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Oct 2022 17:29:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1155
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gtm.js
www.googletagmanager.com/ Frame 622D 		189 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KTQTVSN
Requested by
Host: heaterprox.com
URL: https://heaterprox.com/iframe-gtm2/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2008 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4baedca6a41d0f7dc697307f0f07d14e639ee585d9166d5e09cd2367bf4b411e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 17:29:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67828
x-xss-protection
0
last-modified
Wed, 12 Oct 2022 16:11:09 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 12 Oct 2022 17:29:28 GMT
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=441305948034561&ev=Microdata&dl=https%3A%2F%2Fheaterprox.com%2F%3Fwidipub_id%3D5e7a66adef28642bc90fec33%26wtrd_offer_id%3D5ffc4e5d1a2caa0db8279f34%26wtrd_offer_pids%3D616d4d479a270568a468ee63%26wtrd_offer_lids%3D5ffc4e9408feac201a60b82a%26widipub_custom1%3Dda75cf75292f4e4aa13450a0a0246c60%26widipub_custom2%3D4072&rl=http%3A%2F%2Fherdone.us%2F&if=false&ts=1665595768810&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%20%20%20%20Heater%20Pro%20X%5Cn%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Heater%20Pro%20X%22%2C%22og%3Adescription%22%3A%22The%20portable%20heater%20that%27s%20killing%20it%20in%20sales.%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fassets.widitrade.com%2Fassets%2Fproducts%2F5ffc43a1c80c2e2c400de052%2Fproduct1.png%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fheaterprox.com%2F%3Fwidipub_id%3D5e7a66adef28642bc90fec33%26wtrd_offer_id%3D5ffc4e5d1a2caa0db8279f34%26wtrd_offer_pids%3D616d4d479a270568a468ee63%26wtrd_offer_lids%3D5ffc4e9408feac201a60b82a%26widipub_custom1%3Dda75cf75292f4e4aa13450a0a0246c60%26widipub_custom2%3D4072%26wtrd_sectionId%3Dsharethis%26wtrd_sectName%3Dsharethis%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&ud[fn]=eb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c&ud[ln]=eb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c&ud[ph]=eb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c&ud[ct]=eb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c&ud[st]=68bca10eea2ba33f6f15a6ab0c7df2a49051a6541f9118d468b0585d5d60398b&ud[zp]=eb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c&ud[country]=eb045d78d273107348b0300c01d29b7552d622abbc6faf81b3ec55359aa9950c&v=2.9.84&r=stable&ec=1&o=62&fbp=fb.1.1665595768304.867247053&it=1665595768163&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: heaterprox.com
URL: https://heaterprox.com/?widipub_id=5e7a66adef28642bc90fec33&wtrd_offer_id=5ffc4e5d1a2caa0db8279f34&wtrd_offer_pids=616d4d479a270568a468ee63&wtrd_offer_lids=5ffc4e9408feac201a60b82a&widipub_custom1=da75cf75292f4e4aa13450a0a0246c60&widipub_custom2=4072
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 12 Oct 2022 17:29:28 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
/
www.google.com/pagead/1p-user-list/652536324/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/652536324/?random=1665595768645&cv=9&fst=1665594000000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgaa0&sendb=1&frm=0&url=https%3A%2F%2Fheaterprox.com%2F%3Fwidipub_id%3D5e7a66adef28642bc90fec33%26wtrd_offer_id%3D5ffc4e5d1a2caa0db8279f34%26wtrd_offer_pids%3D616d4d479a270568a468ee63%26wtrd_offer_lids%3D5ffc4e9408feac201a60b82a%26widipub_custom1%3Dda75cf75292f4e4aa13450a0a0246c60%26widipub_custom2%3D4072&ref=http%3A%2F%2Fherdone.us%2F&tiba=Heater%20Pro%20X&async=1&fmt=3&is_vtc=1&random=399588224&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: heaterprox.com
URL: https://heaterprox.com/?widipub_id=5e7a66adef28642bc90fec33&wtrd_offer_id=5ffc4e5d1a2caa0db8279f34&wtrd_offer_pids=616d4d479a270568a468ee63&wtrd_offer_lids=5ffc4e9408feac201a60b82a&widipub_custom1=da75cf75292f4e4aa13450a0a0246c60&widipub_custom2=4072
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2004 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Oct 2022 17:29:28 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/10992351212/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/10992351212/?random=1665595768646&cv=9&fst=1665594000000&num=1&bg=ffffff&guid=ON&eid=376635470&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgaa0&sendb=1&frm=0&url=https%3A%2F%2Fheaterprox.com%2F%3Fwidipub_id%3D5e7a66adef28642bc90fec33%26wtrd_offer_id%3D5ffc4e5d1a2caa0db8279f34%26wtrd_offer_pids%3D616d4d479a270568a468ee63%26wtrd_offer_lids%3D5ffc4e9408feac201a60b82a%26widipub_custom1%3Dda75cf75292f4e4aa13450a0a0246c60%26widipub_custom2%3D4072&ref=http%3A%2F%2Fherdone.us%2F&tiba=Heater%20Pro%20X&async=1&fmt=3&is_vtc=1&random=876945298&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: heaterprox.com
URL: https://heaterprox.com/?widipub_id=5e7a66adef28642bc90fec33&wtrd_offer_id=5ffc4e5d1a2caa0db8279f34&wtrd_offer_pids=616d4d479a270568a468ee63&wtrd_offer_lids=5ffc4e9408feac201a60b82a&widipub_custom1=da75cf75292f4e4aa13450a0a0246c60&widipub_custom2=4072
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2004 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Oct 2022 17:29:28 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/787909066/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/787909066/?random=1665595768643&cv=9&fst=1665594000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgaa0&sendb=1&frm=0&url=https%3A%2F%2Fheaterprox.com%2F%3Fwidipub_id%3D5e7a66adef28642bc90fec33%26wtrd_offer_id%3D5ffc4e5d1a2caa0db8279f34%26wtrd_offer_pids%3D616d4d479a270568a468ee63%26wtrd_offer_lids%3D5ffc4e9408feac201a60b82a%26widipub_custom1%3Dda75cf75292f4e4aa13450a0a0246c60%26widipub_custom2%3D4072&ref=http%3A%2F%2Fherdone.us%2F&tiba=Heater%20Pro%20X&async=1&fmt=3&is_vtc=1&random=2007396555&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: heaterprox.com
URL: https://heaterprox.com/?widipub_id=5e7a66adef28642bc90fec33&wtrd_offer_id=5ffc4e5d1a2caa0db8279f34&wtrd_offer_pids=616d4d479a270568a468ee63&wtrd_offer_lids=5ffc4e9408feac201a60b82a&widipub_custom1=da75cf75292f4e4aa13450a0a0246c60&widipub_custom2=4072
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2004 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Oct 2022 17:29:28 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
gtm-wxbzjqd-n2y1z.uc.r.appspot.com/g/ 		65 B
737 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gtm-wxbzjqd-n2y1z.uc.r.appspot.com/g/collect?v=2&tid=G-TP7YK51HJS&gtm=2oeaa0&_p=969621612&cid=804920320.1665595768&ul=en-us&sr=1600x1200&_fplc=0&_uc=US&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=3&sid=1665595768&sct=1&seg=1&dl=https%3A%2F%2Fheaterprox.com%2F%3Fwidipub_id%3D5e7a66adef28642bc90fec33%26wtrd_offer_id%3D5ffc4e5d1a2caa0db8279f34%26wtrd_offer_pids%3D616d4d479a270568a468ee63%26wtrd_offer_lids%3D5ffc4e9408feac201a60b82a%26widipub_custom1%3Dda75cf75292f4e4aa13450a0a0246c60%26widipub_custom2%3D4072&dr=http%3A%2F%2Fherdone.us%2F&dt=Heater%20Pro%20X&en=page_view&ep.event_id=68c090f5-77e8-4577-bca2-12c240d97415_1665595767550.17&_et=1&richsstsse
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TP7YK51HJS&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::99 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://heaterprox.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 12 Oct 2022 17:29:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Google Frontend
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://heaterprox.com
x-cloud-trace-context
7f5d8034be6e13487fc8ab49b7158326
cache-control
no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
90
expires
Wed, 12 Oct 2022 17:29:29 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s.pinimg.com
URL
https://s.pinimg.com/ct/lib/main.3a217bc7.js

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| Sentry object| __SENTRY__ object| dataLayer object| Routing object| fos object| widiGTM2Events string| e string| t object| n number| r function| $ function| jQuery object| core object| __core-js_shared__ object| firebase function| moment number| uidEvent object| bootstrap function| debounce function| offset object| ctaFixed object| offsetSection4 number| untilSection4 object| footerBlog function| getTranslateY object| config function| callAjax string| url object| paramReg undefined| value object| st object| __stdos__ boolean| tpcCookiesEnableCheckingDone boolean| tpcCookiesEnabledStatus function| __sharethis__docReady object| __sharethis__ object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| pintrk string| TiktokAnalyticsObject object| ttq function| fbq function| _fbq object| gaplugins object| gaGlobal object| gaData function| UET function| UET_init function| UET_push object| ueto_f460b008e4 object| uetq function| onYouTubeIframeAPIReady object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO

24 Cookies

Domain/Path Name / Value
heaterprox.com/ Name: PHPSESSID
Value: 6fb2b70c2fb434b20730b9193b156e9b
heaterprox.com/ Name: wtrd_pp
Value: 5a912d52fd5535605412fa43
heaterprox.com/ Name: wtrd_click
Value: 6346f977b80494725136ad14
.heaterprox.com/ Name: _gcl_au
Value: 1.1.1683326889.1665595768
.sharethis.com/ Name: __stidv
Value: 2
.sharethis.com/ Name: __stid
Value: ZH4AC2NG+XgAAAAIFIq3Aw==
.heaterprox.com/ Name: _gid
Value: GA1.2.545166917.1665595768
.heaterprox.com/ Name: _dc_gtm_UA-123669295-1
Value: 1
.heaterprox.com/ Name: _gat_UA-243070178-1
Value: 1
.heaterprox.com/ Name: fpestid
Value: cO-SoxWRr-XHCw3jg9RgJqIp1K-pUisLhdrSr4aLNz8aQ14ptoGUCfnFQNk3HR8KAnTWVA
.bing.com/ Name: MUID
Value: 0D8332EAD6E36FB1010520D1D79D6E55
.bat.bing.com/ Name: MR
Value: 0
.heaterprox.com/ Name: _fbp
Value: fb.1.1665595768304.867247053
.heaterprox.com/ Name: _uetsid
Value: 6c9a45604a5311edb380b92b5e21a0ed
.heaterprox.com/ Name: _uetvid
Value: 6c9a77704a5311edbc8c7d7c3529cded
.heaterprox.com/ Name: _ga_1WLPSRY6F2
Value: GS1.1.1665595768.1.0.1665595768.0.0.0
.heaterprox.com/ Name: _ga
Value: GA1.1.804920320.1665595768
.heaterprox.com/ Name: _ga_TP7YK51HJS
Value: GS1.1.1665595768.1.1.1665595768.0.0.0
.heaterprox.com/ Name: _tt_enable_cookie
Value: 1
.heaterprox.com/ Name: _ttp
Value: 1e60b061-a3f1-49f3-8793-d55b397bfb5f
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
heaterprox.com/ Name: wtrd_customer
Value: %7B%225e011442ef28642e5a624242%22%3A%226346f9793695e5341c551dca%22%7D
heaterprox.com/ Name: wtrd_networkClick
Value: 1
heaterprox.com/ Name: wtrd_publisher
Value: 5e7a66adef28642bc90fec33

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
assets.widitrade.com
bat.bing.com
browser.sentry-cdn.com
buttons-config.sharethis.com
cdn.jsdelivr.net
cdn.widitrade.com
cdnjs.cloudflare.com
connect.facebook.net
count-server.sharethis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gtm-wxbzjqd-n2y1z.uc.r.appspot.com
heaterprox.com
herdone.us
images.dmca.com
l.sharethis.com
platform-api.sharethis.com
platform-cdn.sharethis.com
s.pinimg.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.makeingmes.com
s.pinimg.com
104.71.130.41
13.225.214.96
13.35.93.30
142.251.40.194
151.139.242.29
18.119.23.78
181.214.242.99
212.36.83.70
212.83.58.221
2600:141b:5000:58c::1931
2600:9000:21da:a200:1d:85c3:6640:93a1
2600:9000:2511:bc00:c:abe:f440:93a1
2606:4700::6810:5514
2606:4700::6811:180e
2607:f8b0:4004:c07::99
2607:f8b0:4004:c1b::9d
2607:f8b0:4006:808::2004
2607:f8b0:4006:809::2003
2607:f8b0:4006:80a::2003
2607:f8b0:4006:80f::2002
2607:f8b0:4006:81f::2008
2607:f8b0:4006:823::200a
2607:f8b0:4006:823::200e
2620:1ec:c11::200
2a02:6ea0:c400::11
2a02:6ea0:c400::19
2a03:2880:f082:9:face:b00c:0:3
2a03:2880:f112:182:face:b00c:0:25de
2a04:4e42:400::729
05304a8f26373142efa126a87977201cbc22d408c573f151ee2907933e9099f7
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0691b5d786c9a5a1296c1c314a11317b5cc99abeb06b4c54901d22490e9b0948
08f0be3149fb34d24c91045b25de9d1e40844b9d69ad195e4b2b586c5c8e173a
0d4f6240127cf5d1cfda2caeb0283efb4c9c879e43031f102fa3fc09853ae1b2
102626a6fcf34e6019d06b8c7b4f7ff47d8eb134b4096a8fd746360bbb9adadc
1066274fa5181ca6b56282204d3533f6f19f22ea5295c47451449920e9f578eb
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
18b5a4e9344ec42545b86ac639ca57c054944d17a3aab1cd5af9199698ddd032
195f3c8ce18239cd241304be4a02c70892564caf8a139f6035b853fe212bab3a
1bae747c7fd090f56608956a97c870391e1c43f89d24d5766129b75628985c1e
1f3ab993059ec499e97516abc831c0d77f36e5735a99f4a88e42531da047c5d9
2699316cb83af2502422d101e81564b0492785cab2fdfbdc256f90e1c4ad5606
2986551fd9e82929eabb8cba7c44f74a28d8496c744893432f067b320dff55da
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
33966c6e2f64a299020f0de1a75b93e7888322dfb5033859e8ea788574a58b10
355f7006c51bf15489ca30f52234afbd82c4552827f00979513d2bbc6e744feb
361830d0d799a7398230eb99a73a546c5695d4a2171b9806de91637aec0a0287
41d23e53f0a30ac4a2e2505c783664f7c216866e26bff7f5494f0a2a0714cecf
45a6b1925046e7e5736e0e42a5e2023d33a4510a412dc8a7460e75ed2c229605
4baedca6a41d0f7dc697307f0f07d14e639ee585d9166d5e09cd2367bf4b411e
4c52d14831549c26fdf91939a96b0f08b0f312727aaf372ff8ec58e401872131
52c00e7514754d28cb64d5208675cd58211d979a967c9d067de4d6aea916ff90
5373e04bf2ff95719a66c8f3f275375855886609389eaac55f6438ddac5b3285
5a2ed3b523a52549882a45c7d34da1c899b7d27214b9736c595669623c924ea8
5c833b1818762f1e134fbb158447fb0b92f2b018b15aa36f2e2405213f830d38
5caa8a9fa65c367f88f564d48f724abb11a233749810577ca46da068fae49ee2
5d6ac652a4a210d983f1b2fe05578b97b8827e1b3ea643f222aad941c4b64def
5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
6182b4514b7d63eb2905a5609de8872c4786f490e631fa95fbfed4afeaa8bea7
653b7b9e6f9dff5e12073de4a3a15acb4074767823f49d9704b083bb1ba28a14
6c13dfd1c15bbf8266b6343cfdaa21c7a72fcdaab7cd0c9e2b5218b577381d2c
6f2bfb3f6bd6ee6376bdef718bb23af6b32b86320ad05367f0b90d6092878007
700ad5e597681fb45dfc74f05206ad9c2229a6c710c45b413842ddfe03ce4d50
72c4f93e84a2bfd5a99604e818008f2cbe6d207ca8367ece60ad3837cb5171e6
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
81dff483fdac22b45e404c729c8cf593a995840478f4101cd8e97e09b47ae96e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
847eb36b4dc4b05f94052dcd98077319e74d882334a106bb9ca451ba211c9c2c
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
890088e076aee96f4c126129c2a3f8d38f7628fd65d7eb05b16a7a625b68ef84
961c699fa1b6a4d8e576953ac852a3a17b6ab51f98f278cdfaac58eab631e3a0
9a271b8848f1bfcf2f03ea26a2211f699ce3d302d3163476a64644a19babb1c9
9e87c14a38296bdf92c4f9a1cd41ad9077a3cbe2d33d51eb4fb54f4706c9ebe2
a5c61876c08ab6ffd4be394853d72e3d8a785fe5cb6f26a60f3a1fccc2c1d9ed
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
adcd526d84bceaeb71d4cd8b8d9d23be8bfdbb1ee2d79b3502a179b5f79f9fdc
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b59b09edd989056c7c1a33b5d48662f050c4bb0f1409fc51d2015f49f0f7138e
b81cc6d28cbf3df9c6127a05a865bef0842d917507cce946712974e748110957
bc72002d3635a8ae6da4c00d513e697b56dffdf54dd6ab6bdae6d356e2d06b12
c3d708d294469772bdf055ec6fd061a3b43a2542e0091162f28ba43f969d4539
c48dc1920b459cb954ac7e429253b7296ff32810152b4ef33de043a16ad12656
c75d8bdd1d5498551294cf4551304e5c2158b9788ac1779d03a2edd611a6c93e
cee7b3016ac52c0d37b08300c6e9b9b63535f9b77567b036bc7975236a8cd4f3
d4538b500dbad64b4c530857d7faf7d63bf921bcab573e94160c459ce859c90d
d53b8656b8f584f2303e2ca2e8be93d17c0245e7d62c419c79f701c4219b30cd
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
d9ce4c460b1727b89788af09b57b8b4784dfd3bf12106616b9de4f4ba71f86c8
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b9d52f002201be697fbc0ebf4bdcc61d6c01d0bb1359213e62c67e21850047
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
ecd092608e3488149bb3b673dffb6fd4a663869aedd4176f6e8f8ca0f27654a5
ee7ba44fe5bce5b8af0bb0dbdf7cd946fac1a441e0295025dc7abfd7e5bd9d3f
eefa75d79fbf8aa67fc0abbb851865492400c9f7846bc6d39a8b719e350f2aa0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4277f9e50a728c3d8fbd418f825fd974400d65658b6d7069cc0f6456198989b